帮我看看这两个文件有没有问题,我现在不能nat出去

yhcamel

pass out on fxp0 all
pass in on fxp0 all
pass out quick on lo0 all
pass in quick onn lo0 all
block in quick on fxp0 proto tcp from any to any to port =22
pass in quick on fxp0 proto tcp from any to any port = 80 flags S/SA keep state
pass in quick on fxp0 proto tcp from any to any port = 88 flags S/SA keep state
pass in quick on fxp0 proto tcp from any to any port = ftp flags S/SA keep state
pass in quick on fxp0 proto tcp from any to any port = ftp-data flags S/SA keep state
pass in quick on fxp0 proto tcp from any to any port 10000 >< 60000 flags S/SA keep state
block in quick on fxp0 all

上面是ipfilter.conf

下面是ipnat.conf
rdr fxp0 218.4.58.36/32 port 80 -> 192.168.1.16 port 80
rdr fxp0 218.4.58.36/32 port 88 -> 192.168.1.15 port 7777
rdr fxp0 218.4.58.36/32 port 21 -> 192.168.1.9 port 22

map fxp0 192.168.1.0/24 -> 218.4.58.36/32 portmap tcp/udp 20001:41000
map fxp0 192.168.1.0/24 -> 218.4.58.36/32
我在内核里面启用了ipfilter了
options IPFILTER
options IPFILTER_LOG

rc.conf
也加了
ipfilter_enable="YES"
ipfilter_program="/sbin/ipf"
ipfilter_rules="/etc/ipf.conf
ipnat_enable="YES"
ipnat_program="/sbin/ipnat"
ipnat_rules="/etc/ipnat.conf"

yhcamel

怎么有人看没人回的

rainren

map fxp0 192.168.1.0/24 to any -> 218.4.58.36/32 portmap tcp/udp 20001:41000
map fxp0 192.168.1.0/24 to any -> 218.4.58.36/32

依PF的NAT改的！

打开了net.inet.ip.forwarding吗？

yhcamel

好的  net.inet.ip.forwording 打开的

yhcamel

但是这个好像不对net.inet.ip6.forwording 0-> 0

Freebird

sysctl中没有ipv6的设置项

rainren

sysctl -w net.inet.ip.forwarding=1
sysctl -w net.inet.ipv6.forwarding=1(如果使用ipv6就打开)

或将它加入/etc/sysctl.conf
net.inet.ip.forwarding=1
net.inet.ipv6.forwarding=1

yhcamel

这是用来做什么的?

rainren

IP转发！

yhcamel

出错提示! 那个开机似的信息放在哪里的? 那个太快了来不及记下来