From owner-freebsd-isp  Sun Dec  5  7:55:50 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.fil.net (mail.fil.net [202.57.102.7])
	by hub.freebsd.org (Postfix) with ESMTP id A01E414BD0
	for <freebsd-isp@FreeBSD.ORG>; Sun,  5 Dec 1999 07:55:45 -0800 (PST)
	(envelope-from aLan@fil.net)
Received: from fil.net ([202.57.102.6]) by mail.fil.net
          (Netscape Messaging Server 3.62)  with ESMTP id 251
          for <freebsd-isp@FreeBSD.ORG>; Sun, 5 Dec 1999 23:55:38 +0800
Message-ID: <384A8AF9.3287B947@fil.net>
Date: Sun, 05 Dec 1999 23:55:37 +0800
From: "aLan Tait" <aLan@fil.net>
X-Mailer: Mozilla 4.6 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: "freebsd-isp@FreeBSD.ORG" <freebsd-isp@FreeBSD.ORG>
Subject: IPFilter and xntpd
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I got IPFilter running in the gateway computer.  Likewise,
xntpd was working fine... until I switched it online and
over to the RFC 1918 addresses between the router and the
Gateway.

Below is basically the rc.conf file (xl0's IP was changed
for security).

If I am on gw and try to ping, traceroute, or xntpd to the
outside world, it fails...  I think because it is passing
the 192.186.1.2 address as the return.  That, of course,
also makes xntpd fail for other servers pointed at gw.  If I
point an inside server at outside our network, it works
fine.  Everything inside to the outside works as far as I
can tell.  I was just thinking it would be good if the gw
was also our system clock...

Can this be?  Am I missing something that would allow the
return packets to return to "123.45.102.1" instead of
"192.168.1.2"???

Or should I just use a different server inside (like ftp),
and then point gw at it?  

network_interfaces="ed1 xl0 lo0"
ifconfig_ed1="inet 192.168.1.2  netmask 255.255.255.0"
defaultrouter="192.168.1.1"
ifconfig_xl0="inet 123.45.102.1  netmask 255.255.254.0"
gateway_enable="YES"
hostname="gw.fil.net"
moused_type="NO"
xntpd_enable="YES"
xntpd_flags="-c /etc/ntp.conf"

Outside
  |  Provider link
Router
  |  192.168.1.1
  |
  |  192.168.1.2
GateWay
  |  x.x.102.1
  |
  |
 Hub

aLan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message