Thank you. I think you're right! I tried something similar to what you have
below, excluding the proxy statement.
I'll put this next question in a new post as well...but,
When I connect my internal network's nic card to the switch's uplink port,
the "link" light does not illuminate? I'm not sure if it even should? The
result is that no packets are routed. However, when I change the port from
uplink to normal, I can ping a machine on the internal network. But the
internal machine still can't get past the firewall.
So I don't know if I've got a mapping issue, nic card configuration, or
Thanks for any input.

> RT> Would this be correct? ne3 is a nic card connected to a cable
> RT> modem using dhcp, using the same configuration the
> RT> installation program created. ne4 is my "internal" network
> RT> attached to a switch's uplink port.
> RT> map ne4 10.9.8.7/24 -> ne3/32 portmap tcp/udp 10000:20000
> RT> Is that it? Is there anything else to configure? I've got ipf
> RT> enabled, rc.conf edited, the kernel is modified...Can't say
> RT> I've succeeded yet, but I'd like to verify the logic.
> I think there's a mixup with the interfaces. I have a similar
> configuration: ne3 to outside world, ne4 internal private network. It
> looks like this:
> map ne3 192.168.1.0/24 -> XXX.XXX.XXX.XXX/32 proxy port ftp ftp/tcp
> map ne3 192.168.1.0/24 -> XXX.XXX.XXX.XXX/32 portmap tcp/udp 10000:60000
> map ne3 192.168.1.0/24 -> XXX.XXX.XXX.XXX/32
> Here 192.168.1.0 is my internal network, XXX.XXX.XXX.XXX is the
> complete ip address of my router/nat/whatever openbsd box. I think you
> could substitute XXX.XXX.XXX.XXX/32 with ne3/32 but I haven't tried
> ut imber aquas + Oulu University, Learning
> at cave! vacca volat. + and Research Services
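
The interface mix-up discussed in this thread, written out for the setup in the question as an added example (not taken from either poster's message). It assumes ne3 is the external DHCP interface, ne4 the internal one, and that the internal network is 10.9.8.0/24, inferred from the 10.9.8.7/24 in the question.

```conf
# ipnat rules, added example.
# Assumed: ne3 = external (cable modem, DHCP), ne4 = internal,
# internal network 10.9.8.0/24.

# As posted in the question. The rule is bound to the internal interface,
# but packets from internal hosts leave the box through ne3, so they never
# match this rule and go out with their private source address.
# map ne4 10.9.8.7/24 -> ne3/32 portmap tcp/udp 10000:20000

# Bound to the external interface instead, as in the reply. Rules are
# checked in order and the first match is used, so the portmap rule comes
# before the catch-all. The ne3/32 target is the form used in the question;
# the reply uses the box's literal external address in its place.

# TCP and UDP: rewrite the source address and take a source port from the range.
map ne3 10.9.8.0/24 -> ne3/32 portmap tcp/udp 10000:20000

# Everything else (ICMP and so on): rewrite the source address only.
map ne3 10.9.8.0/24 -> ne3/32
```

Once the rules are loaded, `ipnat -l` lists the active mappings, which shows whether traffic from the internal network is matching them.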