From owner-freebsd-questions Thu Oct 5 16:25:32 2000
Message-ID: <000801c02f88$8f01ee20$b400a8c0@atl.mediaone.net>
From: "Mike"
Subject: Natd not working properlly.
Date: Fri, 6 Oct 2000 07:28:31 -0400

Hello,

I am having problems getting natd to work correctly. I have BSD running as the server with 2 NIC cards; one has the cable modem plugged into it. The other is plugged into the HUB. I also have a Windows box plugged into the hub. From the Windows box I assigned a private IP 192.168.0.5 and the gateway as the private IP 192.168.0.1 that I assigned on my FreeBSD box for the NIC going into the HUB. I also assigned the IP addresses for the name servers in TCP/IP on the Windows box.

From the Windows box I can ping the gateway 192.168.0.1 and I can also ping the IP address assigned by my cable provider, but I cannot ping past that or get web pages. I used the web site http://www.mostgraveconcern.com/freebsd/ as a reference, and below I have the configuration from my box. If anyone has any suggestions I would most appreciate it.

Thanks in advance,

Mike F.

***** Kernel ******

options  IPFIREWALL_DEFAULT_TO_ACCEPT      #firewall
options  IPDIVERT                          #divert sockets
options  IPFIREWALL_VERBOSE                #print information about
#options "IPFIREWALL_VERBOSE_LIMIT=100"    #limit verbosity
options  TCP_DROP_SYNFIN                   #drop TCP packets with SYN+FIN
options  TCP_RESTRICT_RST                  #restrict emission of TCP RST

*** rc.conf ****

gateway_enable="YES"
firewall_enable="YES"               # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall"  # Which script to run to set up the firewall
firewall_type="open"                # Firewall type (see /etc/rc.firewall)
firewall_quiet="YES"                # Set to YES to suppress rule display
natd_program="/sbin/natd"           # path to natd, if you want a different one.
natd_enable="YES"                   # Enable natd (if firewall_enable == YES).
natd_interface="ep0"                # Public interface or IPaddress to use.
natd_flags="-f /etc/natd.conf"      # Additional flags for natd.

**** natd.conf ******

dynamic yes
use_sockets yes
same_ports yes

**** IPFW ****

bash# ipfw list
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 deny ip from any to any
bash#

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
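
Added example, not part of the original message: natd only sees packets that an ipfw divert rule hands to it, and ipfw stops at the first matching rule, so the sh sketch below checks an `ipfw list` dump for a divert rule on the public interface that sits ahead of any catch-all accept. The helper name check_natd_divert and the two extra rulesets are constructed for illustration; 8668 is natd's default divert port and ep0 is the natd_interface from the posted rc.conf.

```shell
#!/bin/sh
# Added example (not from the original post): report whether an `ipfw list`
# dump diverts traffic on the public interface to natd before accepting it.

# check_natd_divert IFACE   (hypothetical helper; reads `ipfw list` on stdin)
# Prints: ok | missing | shadowed
check_natd_divert() {
    awk -v ifc="$1" '
        { sub(/[ \t\r]+$/, "") }            # tolerate trailing whitespace
        # Divert rule bound to the interface, e.g.
        #   00050 divert 8668 ip from any to any via ep0
        $2 == "divert" && $0 ~ ("via " ifc "$") {
            if (!divert) divert = $1 + 0
        }
        # First unconditional accept (no "via" qualifier). ipfw stops at the
        # first match, so a divert rule numbered after it is never reached.
        ($2 == "allow" || $2 == "pass") && $0 ~ /from any to any$/ {
            if (!accept) accept = $1 + 0
        }
        END {
            if (!divert) print "missing"
            else if (accept && accept < divert) print "shadowed"
            else print "ok"
        }'
}

# Ruleset exactly as listed in the message.
POSTED_RULES='00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 deny ip from any to any'

# Constructed: same ruleset with a divert rule ahead of the accepts.
# 8668 is the default natd divert port; ep0 is natd_interface from rc.conf.
WITH_DIVERT="00050 divert 8668 ip from any to any via ep0
$POSTED_RULES"

# Constructed: divert rule present but numbered after the catch-all allow.
LATE_DIVERT='00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65100 divert 8668 ip from any to any via ep0
65535 deny ip from any to any'

for name in POSTED_RULES WITH_DIVERT LATE_DIVERT; do
    eval "rules=\$$name"
    printf '%-13s %s\n' "$name" "$(printf '%s\n' "$rules" | check_natd_divert ep0)"
done
```

On a live FreeBSD host the same check can be fed directly with `ipfw list | check_natd_divert ep0`.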