From owner-freebsd-questions@FreeBSD.ORG Tue Aug 23 18:23:06 2005 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E252D16A43B for ; Tue, 23 Aug 2005 18:23:06 +0000 (GMT) (envelope-from pavel.jordak@siemens.com) Received: from mxs1.siemens.at (mxs1.siemens.at [194.138.12.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id 409C843D48 for ; Tue, 23 Aug 2005 18:23:05 +0000 (GMT) (envelope-from pavel.jordak@siemens.com) Received: from vies1k7x.sie.siemens.at ([158.226.129.83]) by mxs1.siemens.at with ESMTP id j7NIN4TS022444; Tue, 23 Aug 2005 20:23:04 +0200 Received: from smtp.prgpu.anfdata.cz ([158.226.129.97]) by vies1k7x.sie.siemens.at (8.12.11/8.12.1) with ESMTP id j7NIN34M012324; Tue, 23 Aug 2005 20:23:04 +0200 Received: from gw.anfdata.cz (gw.anfdata.cz [163.242.71.125]) by smtp.prgpu.anfdata.cz (Postfix) with ESMTP id 8C63D26852; Tue, 23 Aug 2005 20:23:03 +0200 (CEST) Received: from 158.226.252.127 (SquirrelMail authenticated user jordak) by gw.anfdata.cz with HTTP; Tue, 23 Aug 2005 20:31:43 +0200 (CEST) Message-ID: <31317.158.226.252.127.1124821903.squirrel@gw.anfdata.cz> In-Reply-To: <20050822132842.37868.qmail@web33904.mail.mud.yahoo.com> References: <20050822132842.37868.qmail@web33904.mail.mud.yahoo.com> Date: Tue, 23 Aug 2005 20:31:43 +0200 (CEST) From: Pavel =?iso-8859-2?Q?Jord=E1k?= To: "gary masigon" User-Agent: SquirrelMail/1.4.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-2 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: questions@freebsd.org Subject: Re: NAT server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Aug 2005 18:23:07 -0000 On 22 Srpen 2005, 15:28, gary masigon napsal(a): > Hi, i need help to setup my freebsd as a NAT server, i > cannot ping the external gateway from the client side > of my FreeBSD server but i can ping the FreeBSD > server. I followed all the instructions in the hand > book but i cannot get the client side to connect to > any www. freebsd server can ping the clients and the > gateway, i am using a private ip address of > 192.168.x.x in my external LANcard because i am behind > a router and 10.0.0.0 in my int. it is also okay to > edit the kernel instead of recompilig it to make IPFW > works. tnx > Hi, Gary, I absolutely don't want start any flame war about ipfw, pf etc. I would only like to tell you about my private experience: For times I tried to manage my various NAT/firewall/router setups with ipfw (it worked nearly every time but I was newer really sure that I did know, what I had done ;-|. Then, after OpenBSD's pf got to be adapted for FreeBSD standard kernel, it was all clear for me. There is an excelent doc about pf, which answers all questions and gives some good examples: http://www.openbsd.org/faq/pf/index.html It is written by OpenBSD folks for OpenBSD but fits for FreeBSD without changes. Good luck, Pavel Jordak.