Date: Wed, 20 Nov 2002 18:18:01 -0500 From: Constantine <cnst@rbcmail.ru> To: Marc Perisa <perisa@porsche.de> Cc: Derrick Ryalls <ryallsd@datasphereweb.com>, freebsd-questions@FreeBSD.org Subject: Re: FreeBSD gateway Message-ID: <3DDC1829.1080106@rbcmail.ru> References: <004201c29047$2e762e50$0200a8c0@bartxp> <3DDB0D2C.6010601@porsche.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Marc Perisa wrote: > Derrick Ryalls wrote: > >>> Hello! >>> I have installed FreeBSD 4.7 recently, and it seems it does not want >>> to work as a gateway. I have two network cards in my FreeBSD >>> computer, fxp0 for LAN and sis0 for the cable modem. I am new to >>> FreeBSD, so I am confused what the difference between gateways and >>> routers is (I was thinking they link to the same thing). I can ping >>> my FreeBSD box from winxp, I can ping internet from remote session to >>> FreeBSD, but I cannot ping internet from my winxp. >>> My winxp has ip 192.168.0.1, netmask 255.255.255.0, and gateway >>> 192.168.0.18 settings. Now FreeBSD /etc/rc.conf follows: >>> >>> gateway_enable="YES" >>> kern_securelevel_enable="NO" >>> nfs_reserved_port_only="YES" >>> ifconfig_sis0="DHCP" >>> ifconfig_fxp0="inet 192.168.0.18 netmask 255.255.255.0" >>> #router_enable="YES" # from handbook gateway_enable="YES" >>> firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" >>> natd_interface="sis0" >> > >>natd_flags="" #/ handbook > >> >> >> Are your ip's reversed? I think the gateway should have the .1 address >> and the xp box should use the .18 > > > Nope. He set his FreeBSD box to the IP 192.168.0.18 and his Windows XP > box to 192.168.0.1 . All is ok with that. It is only uncommon to do. > Normally you would give the defaultgateway for a network x.y.z.1 or > x.y.z.254 . But it is not forbidden to set it to any IP in that subnet. > >> >> Are you using the default kernel? If so, you will need to add a couple >> lines are recompile. >> >> options IPFIREWALL #firewall >> options IPDIVERT #divert sockets >> >> as for the difference between a router and a gateway, a gateway is a >> machine to deal with going from one network (lan) to another network >> (wan), I think. >> > > From your point of view (as needed for this problem) routers and > gateways are the same. In this case the FreeBSD box is acting as a > router for your internal net to the Internet. A simple router would do > the same. But for more complex routing you have to either setup gated > (or similar software) or add all rules (if they are static) by hand. > A gateway is the simplest form of a router. > >>> The last two lines from dmesg: >>> IP packet filtering initialized, divert disabled, rule-based >>> forwarding enabled, default to deny, logging disabled >>> ip_fw_ctl: invalid command >> > > That hints to a problem with the /etc/rc.firewall script (which is > called when you add to /etc/rc.conf firewall_enable="YES"). > > Please provide us with the output of "ipfw list". (You have to do that > as root of course). I think your firewall ruleset is not tuned for a > gateway situation. > > Hope that helps > > Marc > > # ipfw show 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 8102 5158330 allow ip from any to any 65535 1 60 deny ip from any to any I want FreeBSD to act as a simple gateway for my LAN, but for some reason it does not want to work that way, though I have confirmed to the installation programme that I want FreeBSD to function as a gateway. What are the simplest steps I need to follow to make FreeBSD act as a gateway? (I have a fresh 4.7R installation) Thanks. Constantine To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DDC1829.1080106>