> $fwcmd 00001 allow all from any to any via re0 > ipfw nat 1 config log if re1 reset same_ports deny_in > $fwcmd 00100 nat 1 ip from any to any via re1
100-е правило разделите на два.
00100 nat 1 ip from 192.168.30.0/24 to not 192.168.30.0/24 out via re1 00101 nat 1 ip from any to me in via re1