On Sun, Jul 22, 2001 at 09:52:03AM -0400, Sam Carleton wrote:
> I am under the impression that this is NOT the most ideal place to post
> this email.  Considering this question is solely about IP Filter, I
> would think that the IP FIlter mailing list would be ideal.  The
> problem, I posted this email there yesterday and had NO replies, nor
> seen anyone post anything else, what so ever.  Thus I am turning to you
> all, I hope you don't mind.
> ----------------------------------------------
> I am setting up my IP FIlter firewall.  But I thought I should get NAT
> working the way I want it first.
> 
> I have a cable modem and am assigned an IP via DHCP.  I have a server
> behind the firewall that will host a web server, among other things.  I
> need incoming requests to port 22,25,80, and 443 on the outside NIC
> (iy0) to be redirected to the respected port on my web server
> (192.168.0.5).  With the below ipnat.conf, when I ssh'ed into the
> system, I ended up on the firewall, not the 192.168.0.5 server.  At this
> time there is NO ipfilter rules.  What am I doing wrong?

Ha, NO ipfilter rules. ipfilter needs to be enabled for NAT to work.
Try 'ipf -E' to test.
You may want to create a dummy /etc/ipf.conf with just
pass in from any to any
and enable ipf in /etc/rc.conf, so that ipf -E will be run at boot.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--