Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 2 Jul 2004 08:40:28 -0600
From:      Nathan Kinkade <nkinkade@ub.edu.bz>
To:        Tony Liew <tonylth@pd.jaring.my>
Cc:        freebsd-questions@FreeBSD.org
Subject:   Re: Problem with gateway and ipfw in FreeBSD 5.2
Message-ID:  <20040702144028.GQ4185@gentoo-npk.bmp.ub>
In-Reply-To: <40E4D519.20605@pd.jaring.my>
References:  <40E4D519.20605@pd.jaring.my>
next in thread | previous in thread | raw e-mail | index | archive | help 

--LZ92CUgs0ha736zO
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 02, 2004 at 11:23:05AM +0800, Tony Liew wrote:
> Hi,
>=20
> Currently I am trying out FreeBSD 5.2.
>=20
> SDSL modem
>    |
> FreeBSD Router
>    |
> Internal network
>=20
> My problem, from FreeBSD I can ping outside and inside network.
> from Internal network, I can ping internal interface and external=20
> interface of FreeBSD Router. But I cannot ping the modem IP address so=20
> goes public DNS server on the internet.
>=20
> I have in my KERNEL:
> options   BRIDGE
> options   DIVERT
> options   IPFIREWALL
> options   IPFIREWALL_DEFAULT_TO_ACCEPT
>=20
> rc.conf
> gateway_enable=3D"YES"
> defaultrouter=3D"<modem ip>"
> firewall_enable=3D"YES"
> firewall_type=3D"OPEN"
> natd_interface=3D"<external interface>"
> natd_enable=3D"YES"
> router_enable=3D"YES"
>=20
> sysctl.conf
>=20
> net.link.ether.bridge.enable=3D1
> net.link.ether.bridge.config=3Dexternal interface, internal interface
> net.link.ether.bridge.ipfw=3D1
>=20
>=20
> client on the internal network cannot connect to the internet. Any=20
> suggestion?
>=20
> Thanks a lot.
>=20
> Regards,
> Tony Liew

Why do you have bridging enabled?  Trying turning off bridging:
	net.link.ether.bridge.enable=3D0
And then make sure that you have the FW enabled:
	net.inet.ip.fw.enable=3D1

Nathan
--=20
PGP Public Key: pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xD8527E49

--LZ92CUgs0ha736zO
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA5XPbO0ZIEthSfkkRAqFSAJ0UPvPjoqlGL7yiWfB5jkYp1cMNWgCg3rm2
GQfp/A93Wjb1gwktf84icHg=
=Tip+
-----END PGP SIGNATURE-----

--LZ92CUgs0ha736zO--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040702144028.GQ4185>