Date: Tue, 24 Oct 2017 11:54:59 -0400
From: Efren Bravo <efrenba@gmail.com>
To: Ian Smith <smithi@nimnet.asn.au>
Cc: Trond.Endrestol@fagskolen.gjovik.no, freebsd-questions@freebsd.org
Subject: Re: Routing problem
Message-ID: <CAC-QnVUodCckdVE1Whaz7xm3DEzGNSF1hAgtEaVi4sP0GB58ZA@mail.gmail.com>
In-Reply-To: <20171024230440.N32145@sola.nimnet.asn.au>
References: <mailman.87.1508846402.5945.freebsd-questions@freebsd.org> <20171024230440.N32145@sola.nimnet.asn.au>

@Ian Smith: gateway_enable="YES" I wrote ok, was my mistake when I copy it
into the email and sysctl net.inet.ip.forwarding=1.

thanks

@Trond Endrestol I didn't know about all those NATs (NAT44, NAT444, NAT64,
etc), when I installed a fw box 10 years ago they didn't exist, I think,
because I followed the same config and it worked. Now, the question is, how
to make it work?

thanks

2017-10-24 8:20 GMT-04:00 Ian Smith <smithi@nimnet.asn.au>:

> In freebsd-questions Digest, Vol 699, Issue 2, Message: 8
> On Mon, 23 Oct 2017 22:30:26 +0200 (CEST)
> Trond Endrestøl <Trond.Endrestol@fagskolen.gjovik.no> wrote:
> > On Mon, 23 Oct 2017 15:19-0400, Efren Bravo wrote:
> >
> > > Hi there,
> > >
> > > I installed a FreeBSD 10.1 box and upgraded to 10.4. I tried to configure
> > > this box as a FW but I can't get ping works from inside LAN to outside
> > > world, neither any tcp/udp connection. Basic configs:
> > >
> > > router ip: 190.92.124.89
> > >
> > > kernel (recompiled & installed OK):
> > > a lot of unnecessary things disabled before recompilation
> > > ---
> > > options IPFILTER
> > > options IPFILTER_LOG
> > > options IPFILTER_LOOKUP
> > > options IPFILTER_DEFAULT_BLOCK
> > >
> > > /etc/rc.conf
> > > ---
> >
> > > #WAN
> > > ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248"
> >
> > Public IPv4 address space.
> >
> > > # LAN
> > > ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128"
> >
> > Private IPv4 address space.
> >
> > Do you plan on setting up NAT44 on this box? You should if you want
> > this setup to work as expected.
>
> Indeed, some variety of NAT daemon. But also ..
>
> > > defaultrouter="190.92.124.89"
> > > gateway_eanble="YES"
>
> .. that needs to be 'gateway_enable'.
>
> % grep -wA7 gateway_enable /etc/rc.d/routing
>
> After fixing /etc/rc.conf one can just run:
> # service routing restart
>
> or even (until next boot or routing restart) just:
> # sysctl net.inet.ip.forwarding=1
>
> cheers, Ian
>

-- 
----------------
Efren Bravo
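
Added example (not part of the original message or of FreeBSD): a small Python check run over the rc.conf lines quoted in this thread, flagging the misspelled `gateway_eanble` knob discussed above. It goes beyond the thread by also testing each `netmask` for contiguity and whether a private LAN address has `ipnat_enable` set; the `KNOWN` list and the function names are assumptions made for this sketch.

```python
import difflib
import ipaddress
import re

# Constructed sample: the rc.conf lines as quoted in the thread above.
SAMPLE_RC_CONF = """\
ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248"
ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128"
defaultrouter="190.92.124.89"
gateway_eanble="YES"
"""

# Variables this check knows; an assumed short list for an IPFilter NAT
# gateway, not a complete rc.conf inventory.
KNOWN = ("defaultrouter", "gateway_enable", "ipfilter_enable", "ipnat_enable")
QUAD = r"(\d+(?:\.\d+){3})"  # dotted-quad only; hex netmasks are not handled


def netmask_is_contiguous(mask):
    """A valid IPv4 netmask is a run of 1 bits followed only by 0 bits."""
    bits = format(int(ipaddress.IPv4Address(mask)), "032b")
    return "01" not in bits


def lint_rc_conf(text):
    """Return a list of human-readable findings for a gateway rc.conf."""
    findings = []
    settings = dict(re.findall(r'^\s*([A-Za-z0-9_]+)="([^"]*)"', text, re.M))
    nat_on = settings.get("ipnat_enable", "").upper() == "YES"
    for key, value in settings.items():
        if key.startswith("ifconfig_"):
            m = re.search(rf"inet\s+{QUAD}\s+netmask\s+{QUAD}", value)
            if not m:
                continue
            addr, mask = m.groups()
            if not netmask_is_contiguous(mask):
                findings.append(f"{key}: netmask {mask} is not contiguous")
            if ipaddress.IPv4Address(addr).is_private and not nat_on:
                findings.append(f"{key}: private address {addr}, ipnat_enable not YES")
        elif key not in KNOWN:
            # rc.conf is sourced as shell: a misspelled name is set but never read.
            near = difflib.get_close_matches(key, KNOWN, n=1, cutoff=0.8)
            if near:
                findings.append(f"{key}: unknown variable, did you mean {near[0]}?")
    if settings.get("gateway_enable", "").upper() != "YES":
        findings.append("gateway_enable is not YES, forwarding will not be enabled")
    return findings


if __name__ == "__main__":
    for finding in lint_rc_conf(SAMPLE_RC_CONF):
        print(finding)
```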