From owner-freebsd-net Wed May 26 3:37:38 1999 Delivered-To: freebsd-net@freebsd.org Received: from www.inx.de (www.inx.de [195.21.255.251]) by hub.freebsd.org (Postfix) with ESMTP id 245FB15237 for ; Wed, 26 May 1999 03:37:35 -0700 (PDT) (envelope-from jnickelsen@acm.org) Received: from n31-87.berlin.snafu.de ([195.21.31.87] helo=goting.jn.berlin.snafu.de) by www.inx.de with esmtp (Exim 2.12 #2) id 10mb42-0006yi-00; Wed, 26 May 1999 12:37:34 +0200 Received: from ockholm.jn.berlin.snafu.de (ockholm.jn.berlin.snafu.de [10.0.0.3]) by goting.jn.berlin.snafu.de (Postfix) with ESMTP id D769C13D; Wed, 26 May 1999 01:31:34 +0200 (CEST) Date: Wed, 26 May 1999 01:31:44 +0200 From: Juergen Nickelsen To: Shawn Workman Cc: freebsd-net@FreeBSD.ORG Subject: Re: Just a question Message-ID: <491041.3136671104@ockholm.jn.berlin.snafu.de> In-Reply-To: <00b001bea6d4$3402aa20$24a535cf@ieasoftware.com> Originator-Info: login-id=nickel; server=goting.jn.berlin.snafu.de X-Mailer: Mulberry (MacOS) [1.4.2.1, s/n U-301240] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --On Die, 25. Mai 1999 10:29 -0700 Shawn Workman wrote: > I just built a FreeBSD box that has 2 Intel pro 100b cards in it > (fxp0, fxp1) > > I have rebuilt my kernel and enabled the firewall, bridging, and > dummynet. Do you really need bridging and dummynet? For a router with NAT, you usually don't. > fxp1 is the interface to the internet and fxp0 is the interface to > the LAN. [...] > I am running NATD in the following manner > > natd -interface fxp0 > > if I run it on fxp1 then I can no longer get to the internet. The NATd should actually run on the outer interface. Have you set up your firewall rules right? Look into /etc/rc.firewall; start with the "simple" setup and adapt it to your needs. Either do it the hard way like I did (guess what you need, set up the rules, and learn from your mistakes) or read the firewall book from O'Reilly ("Build Internet Firewalls" or the like); it is said yo be quite helpful. Greetings, Juergen. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message