Subject: Re: ipnat/ipf problem
To: Jordan Hayashi <periwinkles0@gmail.com>
From: Jesse Sayre <sayre17833@earthlink.net>
List: port-sparc
Date: 03/20/2005 04:12:24
/etc/sysctl.conf
---
net.inet.ip.forwarding=1
---

Do you have that set?  Just set up a SS5 myself as a simple NAT router and
spent hours banging my head on the keyboard to find that as my problem, hope
you're not going through the same trouble I did.

----- Original Message ----- 
From: "Jordan Hayashi" <periwinkles0@gmail.com>
To: <port-sparc@NetBSD.org>
Sent: Sunday, March 20, 2005 2:09 AM
Subject: ipnat/ipf problem


> I am having some trouble getting ipnat/ipf to work correctly. The
> machine doing NAT is a SS20. There are two interfaces in use: onboard
> (le0, 172.16.0.1), and quad ethernet sbus (hme0, 10.2.0.228). Both
> interfaces are connected to the same network, if that matters (I
> wanted to do some testing).
>
> I am attempting to use le0 as the internal interface, and hme0 as the
> external.
>
> I have tried this with a blank ipf.conf file, and also some very basic
> configurations. Below is ipnat.conf:
>
> # cat /etc/ipnat.conf
> map hme0 172.16.0.0/16 -> 0/32 proxy port ftp ftp/tcp
> map hme0 172.16.0.0/16 -> 0/32 portmap tcp/udp 10000:40000
> map hme0 172.16.0.0/16 -> 0/32
>
> A few things -- ICMP and DNS lookups -- seem to work fine. However,
> most anything else (ie: HTTP) will appear to connect, but then receive
> nothing afterward. I do see the sessions appear in "ipnat -l". For
> example:
>
> List of active sessions:
> MAP 172.16.0.10     1122  <- -> 10.2.0.228      10003 [66.35.250.151 80]
>
> I have tried many different things with ipf.conf, ie: keep state. I
> think the problem may be with ipnat, but am kind of lost. Any
> pointers?
>
> Thank you!
>