Date:      Thu, 6 May 1999 09:42:54 -0500
From:      Alejandro Ramírez <ales@megared.net.mx>
To:        "Kevin Bogac" <kbogac@ibm.net>, <freebsd-questions@freebsd.org>
Subject:   RE: natd question
Message-ID:  <008901be97ce$b9c97f40$f9fbf8cf@megared.net.mx>
References:  <001c01be9766$cf4979f0$0701a8c0@ibm.net>


Hi,

    You should try to recompile your kernel with the following options:

options         IPFIREWALL
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPDIVERT

The first line includes basic IP Firewall support. The second line configures
ipfw to be able to log accepted or rejected packets. The third line is very
important. It does exactly what it says: accept any connections and packets
from anywhere by default. The fourth line is for diverting packages to natd.

Make sure that your machine is acting as a gateway.  This can be done by
specifying the line gateway_enable=YES in /etc/rc.conf. You must also
specify firewall_enable=YES and firewall_type=UNKNOWN in /etc/rc.conf.
At this point natd should work, but the firewall is completely open, so you
must close anything you want from now on.

Ales

I cannot get natd to work. I have searched through all of the information I
can find and my configuration seems correct. If I enable natd the interface
blocks traffic. I'm getting a line in the system messages that says
"/kernel: IP packet filtering initialized, divert disabled, rule-based
forwarding disabled, logging disabled". I built the kernel with the two
additional options. Did I miss something? Does the default rc.firewall work?

Thanks,
Kevin
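
Added example, not part of the original e-mail: an sh script that checks a kernel configuration file and an rc.conf for the settings named in the reply, and maps the boot message quoted in the question to the options it shows as absent. The function names and the file arguments are assumptions made for this example.

```sh
#!/bin/sh
# Added example: function names and file arguments are assumptions.

# has_option FILE NAME: true if an uncommented "options NAME" line exists.
has_option() {
    grep -Eq "^[[:space:]]*options[[:space:]]+$2([[:space:]]|#|\$)" "$1"
}

# rc_value FILE VAR: print the last value assigned to VAR, quotes stripped.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" |
        tail -n 1
}

# audit_natd KERNCONF RCCONF: print findings; exit status = missing items.
audit_natd() {
    missing=0
    for opt in IPFIREWALL IPDIVERT; do
        if ! has_option "$1" "$opt"; then
            echo "MISSING kernel option $opt"
            missing=$((missing + 1))
        fi
    done
    has_option "$1" IPFIREWALL_VERBOSE ||
        echo "NOTE no IPFIREWALL_VERBOSE: ipfw cannot log packets"
    for var in gateway_enable firewall_enable; do
        val=$(rc_value "$2" "$var" | tr '[:lower:]' '[:upper:]')
        if [ "$val" != "YES" ]; then
            echo "MISSING $var=YES in rc.conf"
            missing=$((missing + 1))
        fi
    done
    if has_option "$1" IPFIREWALL_DEFAULT_TO_ACCEPT; then
        echo "WARN default policy is accept: open until rules are added"
    fi
    return "$missing"
}

# diagnose_boot_line LINE: name the options a boot message shows as absent.
diagnose_boot_line() {
    case "$1" in *"divert disabled"*) echo "IPDIVERT" ;; esac
    case "$1" in *"logging disabled"*) echo "IPFIREWALL_VERBOSE" ;; esac
}

# Stand-alone use: sh audit.sh KERNEL_CONFIG_FILE RC_CONF_FILE
if [ "$#" -eq 2 ]; then
    audit_natd "$1" "$2"
fi
```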


