Subject: natd not working :(
From: Khairil Yusof
Reply-To: kaeru@pd.jaring.my
To: freebsd-questions@freebsd.org
Date: 05 Mar 2003 02:17:18 +0800
Message-Id: <1046801837.578.289.camel@daemon.home.net>

I'm having problems being a gateway for my FreeBSD box at home (I can access internet, but others can't).

I have no problem using the internet from my FreeBSD box with or without the natd rule enabled. This is what is puzzling me. I can access the outside net, through natd and via tun0, so natd must be working. Again I confirmed this by the count on ipfw rule which is showing that I am going through natd via the divert rule.

What is it other than gateway, and natd that might be causing packets not to be routed properly for the other clients? I've checked that the gateway IP and TCP/IP connection is ok for the clients also.

Any help would be much appreciated as always.
fxp0 = connection to local network
fxp1 = pppoe device that ppp uses tun0

I've confirmed that, net.inet.ip.forwarding: 1

and here's my setup:

in rc.conf

gateway_enable="YES"
ppp_enable="YES"
ppp_mode="ddial"
ppp_profile="streamyx"
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
firewall_quiet="NO"
log_in_vain="NO"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-dynamic"

and my simple firewall rules (I've deleted stuff which is not important and working like dns, ntp etc.):

#firewall command
fwcmd="/sbin/ipfw"

# Force a flushing of the current rules before we reload.
$fwcmd -f flush

##### RULES FOR INTERNAL NETWORK ######
# Setup localhost
$fwcmd add allow ip from any to any via lo0
$fwcmd add allow any from any to any via fxp0

# Divert all packets through the tunnel interface.
$fwcmd add divert natd all from any to any via tun0