Date: Tue, 24 Oct 2017 23:20:40 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Trond.Endrestol@fagskolen.gjovik.no Cc: Efren Bravo <efrenba@gmail.com>, freebsd-questions@freebsd.org Subject: Re: Routing problem Message-ID: <20171024230440.N32145@sola.nimnet.asn.au> In-Reply-To: <mailman.87.1508846402.5945.freebsd-questions@freebsd.org> References: <mailman.87.1508846402.5945.freebsd-questions@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In freebsd-questions Digest, Vol 699, Issue 2, Message: 8 On Mon, 23 Oct 2017 22:30:26 +0200 (CEST) Trond Endrest?l <Trond.Endrestol@fagskolen.gjovik.no> wrote: > On Mon, 23 Oct 2017 15:19-0400, Efren Bravo wrote: > > > Hi there, > > > > I installed a FreeBSD 10.1 box and upgraded to 10.4. I tried to configure > > this box as a FW but I can't get ping works from inside LAN to outside > > world, neither any tcp/upd connection. Basic configs: > > > > router ip: 190.92.124.89 > > > > kernel (recompiled & installed OK): > > a lot of innecesary things disabled before recompilation > > --- > > options IPFILTER > > options IPFILTER_LOG > > options IPFILTER_LOOKUP > > options IPFILTER_DEFAULT_BLOCK > > > > /etc/rc.conf > > --- > > > #WAN > > ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248" > > Public IPv4 address space. > > > # LAN > > ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128" > > Private IPv4 address space. > > Do you plan on setting up NAT44 on this box? You should if you want > this setup to work as expected. Indeed, some variety of NAT daemon. But also .. > > defaultrouter="190.92.124.89" > > gateway_eanble="YES" .. that needs to be 'gateway_enable'. % grep -wA7 gateway_enable /etc/rc.d/routing After fixing /etc/rc.conf one can just run: # service routing restart or even (until next boot or routing restart) just: # sysctl net.inet.ip.forwarding=1 cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171024230440.N32145>