Cant make packet forwarding work

After battling for hours with a 8.0 box in order to make packet forwarding work, I am at a total loss - it's just not happening. Can anyone help me out - I am on a deadline and was completely surprised that such a mundane task suddenly would take me many hours!?

Extracts from rc.conf and netstat are attached below.


dagS

rc.conf:
Code:
ifconfig_bce0="inet xx.xx.226.130 netmask 255.255.255.248"
ifconfig_bce0_alias0="inet xx.xx.226.131  netmask 255.255.255.248"
ifconfig_bce0_alias1="inet xx.xx.226.132  netmask 255.255.255.248"
ifconfig_bce1="inet 10.152.2.1 netmask 255.255.255.0"
defaultrouter="xx.xx.226.129"
hostname="promo.xxx-xxxx.no"
gateway_enable="YES"

# Setup SPI firewall
firewall_enable="NO"
firewall_script="/usr/local/etc/ipfw.rules"
Code:
Name    Mtu Network       Address              Ipkts Ierrs    Opkts Oerrs  Coll
bce0   1500 <Link#1>      00:26:b9:3d:e3:38     2182     0     1328     0     0
bce0   1500 xx.xx.226.12  xx.xx.226.130.st     2597     -      909     -     -
bce0   1500 xx.xx.226.12  xx.xx.226.131.st        0     -        0     -     -
bce0   1500 xx.xx.226.12  xx.xx.226.132.st        3     -        0     -     -
bce1   1500 <Link#2>      00:26:b9:3d:e3:39     3345     0     1902     0  1354
bce1   1500 10.152.2.0    10.152.2.1             903     -     3574     -     -
bce2*  1500 <Link#3>      00:10:18:5d:d7:58        0     0        0     0     0
bce3*  1500 <Link#4>      00:10:18:5d:d7:5a        0     0        0     0     0
bce4*  1500 <Link#5>      00:10:18:5d:d7:2c        0     0        0     0     0
bce5*  1500 <Link#6>      00:10:18:5d:d7:2e        0     0        0     0     0
lo0   16384 <Link#7>                            1000     0     1000     0     0
lo0   16384 fe80:7::1     fe80:7::1                0     -        0     -     -
lo0   16384 localhost     ::1                      0     -        4     -     -
lo0   16384 your-net      localhost              988     -      996     -     -
 
DutchDaemon said:
What are you using for NAT?
Looking at the posted config my guess is nothing ;)

@dahansen You need to configure NAT. Your packages are being forwarded but since the source addresses are RFC-1918 private addresses nobody can respond.

You can see for yourself if you use tcpdump on the external interface.
 
Back
Top