From owner-freebsd-questions  Wed Oct 24  2:29:46 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from web13305.mail.yahoo.com (web13305.mail.yahoo.com [216.136.175.41])
	by hub.freebsd.org (Postfix) with SMTP id 34E5837B407
	for <questions@freebsd.org>; Wed, 24 Oct 2001 02:29:43 -0700 (PDT)
Message-ID: <20011024092942.48196.qmail@web13305.mail.yahoo.com>
Received: from [193.174.9.99] by web13305.mail.yahoo.com via HTTP; Wed, 24 Oct 2001 11:29:42 CEST
Date: Wed, 24 Oct 2001 11:29:42 +0200 (CEST)
From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de>
Subject: Re: bridging without ipfw
To: junf@wavephil.com
Cc: questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG



Rick Hunter wrote:
> 
> Hello,
> 
> I am running 4.3-RELEASE with the following additional
> kernel options set on the GENERIC kernel config file:
> 
> options         IPFIREWALL
> options         IPFIREWALL_VERBOSE
> options         IPFIREWALL_FORWARD
> options         IPFIREWALL_DEFAULT_TO_ACCEPT
> options         IPDIVERT
> options         IPFILTER
> options         IPFILTER_LOG
> options         IPSTEALTH
> options         DUMMYNET
> options         QUOTA
> options         NMBCLUSTERS=32768
> options         BRIDGE
> 
> Compiled kernel successfully and installed it. Add
> 
> net.link.ether.bridge=1
> net.inet.ip.forwarding: 1
> 
> to sysctl.conf. Then, rebooted the machine. This is my
> network setup
> 
> +--------+         +----------+
> |   PC   +A-------B+ BRIDGE   +C------[192.168.1.0/27]
> +--------+    ^    +----------+       [    Network   ]
>               |
>          cross cable
> 
> where
> 
> A -- 192.168.1.5/27
> B -- (no address)
> C -- 192.168.1.30/27
> 
> PROBLEM:
> PC cannot ping the outside network.
> The outside network cannot ping the PC.
> Therefore, bridge is not working.
> 
> I have gone through all BRIDGE documentations. And I
> think I have followed everything (I think). Anything
> that I missed out ???
> 

Hi Rick,

the default rule for ipfw is "deny all". If you had not added "allow what i
want" to ipfw it will not forward any pakets because of your rulebase.

Take a look at your /etc/rc.conf and /etc/rc.firewall which type you had choose
and modify it to fit for you.

Hope that helps

Marc


__________________________________________________________________

Es ist soweit: das Nokia Game beginnt. Sei bereit für das multimediale Abenteuer. Melde dich bis zum 3. November bei http://de.promotions.yahoo.com/info/nokiagame an!

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message