Re: npf questions/experience migrating from ipf on NetBSD8

To: yancm%sdf.org@localhost
Subject: Re: npf questions/experience migrating from ipf on NetBSD8
From: Robert Swindells <rjs%fdy2.co.uk@localhost>
Date: Sun, 03 Jan 2021 19:43:31 +0000

yancm%sdf.org@localhost wrote:
>> After recompiling an GENERIC NetBSD 8_Stable kernel with npf
>> pseudo-device, I could ping the internet from the console, but
>> not from machines attached to my lan...
>> Here are some diagnostics...
>> # npfctl list -n
>Is empty... no NAT taking place I can tell?

How have you configured the machines on the lan ?

>I even tried a simple, promiscuous ruleset and that also fails to NAT?
>
># npfctl show
># filtering:    active
># config:       loaded
>
>procedure "log"
>
>map wm0 dynamic any -> 10.1.10.10 pass family inet4 from 192.168.1.0/24 #
>id="1"

You seem to be using 192.168.1.0/24 for your lan, where does 10.1.10.10
come into the equation ?

I'm guessing that wm0 is your external interface, what is the IPv4
address ?

I'm using a slightly modified version of soho_gw-npf.conf and it does
NAT fine.

Follow-Ups:
- Re: npf questions/experience migrating from ipf on NetBSD8
  - From: yancm

References:
- Re: npf questions/experience migrating from ipf on NetBSD8
  - From: yancm

Prev by Date: Re: IPfilter problems known for NetBSD-9ish?
Next by Date: Re: npf questions/experience migrating from ipf on NetBSD8
Previous by Thread: Re: npf questions/experience migrating from ipf on NetBSD8
Next by Thread: Re: npf questions/experience migrating from ipf on NetBSD8
Indexes:

Home | Main Index | Thread Index | Old Index