Date: Wed, 14 Aug 2002 14:19:36 +0200
From: Roman Neuhauser
To: "r.query"
Cc: "freebsd-questions@FreeBSD.ORG"
Subject: Re: Question re firewall and configuration
Message-ID: <20020814121936.GP389@freepuppy.bellavista.cz>

> Date: Wed, 14 Aug 2002 08:10:20 -0400
> From: "r.query"
> Subject: Question re firewall and configuration
> To: "freebsd-questions@FreeBSD.ORG"

    please, have your mua break lines at about 72 chars, please.
    oh, and breaking text into shorter paragraphs makes the text
    easier to read, improving your chances of getting replies.

> I have several machines I use as firewalls using FreeBSD-STABLE and
> IPFILTER. When I want to rebuild or update one, what I would like to
> do is to run it as a regular client machine behind a(nother) firewall
> machine and cvsup from there. What I have attempted to do in this
> case is to modify rc.conf to shut off one of the nic cards (the one
> assigned the outside or internet side of the network), shut off the
> kernel security option, shut off ipnat and ipfilter, reboot the
> machine and run cvsup. However, whenever I have tried this, I can
> never ping my local gateway or any other machine on my local network.
> I just get a "no route to host" error. I know this must be some
> simple error on my part, but I have not been able to find anything in
> posts on Google that have been helpful. Can someone here tell me
> where I am confused and messing this up? Thanks for any help.

    i'll hazard to say that you forget to set

    gateway_enable="NO"

    and

    defaultrouter="1.2.3.4"

    in your /etc/rc.conf

-- 
FreeBSD 4.6-STABLE
2:16PM up 5 days, 2:11, 16 users, load averages: 1.04, 1.02, 0.69
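
Added example, not part of the original message or of FreeBSD: a small sh function that reads an rc.conf-style file and reports which of the knobs discussed in this thread are still set as on a firewall. The function name `check_client_mode` and the defaults it assumes for unset knobs (all "NO") are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Reports rc.conf knobs that still hold
# the firewall-mode values the question and the reply mention.
# Usage: check_client_mode /etc/rc.conf   (exit 0 = clean, 1 = findings)
check_client_mode() (
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf"; exit 2; }
    # Assumed stock defaults for knobs the file does not set.
    gateway_enable=NO ipfilter_enable=NO ipnat_enable=NO
    kern_securelevel_enable=NO defaultrouter=NO
    # rc.conf is plain sh assignments; sourcing executes it, so only feed
    # this a root-owned file you trust. The subshell keeps variables local.
    . "$conf"
    rc=0
    is_yes() { case $1 in [Yy][Ee][Ss]) return 0 ;; *) return 1 ;; esac; }
    for knob in gateway_enable ipfilter_enable ipnat_enable \
                kern_securelevel_enable; do
        eval "val=\$$knob"
        if is_yes "$val"; then
            echo "$knob is still \"$val\" (expected NO in client mode)"
            rc=1
        fi
    done
    # Without a default router no default route is installed at boot.
    case $defaultrouter in
        ''|[Nn][Oo])
            echo "defaultrouter is not set (no default route will be installed)"
            rc=1 ;;
    esac
    exit $rc
)
```

Run it against a copy of the edited rc.conf before rebooting; the same check in reverse (expecting YES) is a quick way to confirm the firewall settings were restored after the rebuild.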