From owner-freebsd-questions Thu May 6 7:44:49 1999 Delivered-To: freebsd-questions@freebsd.org Received: from megamail.megared.net.mx (unknown [207.249.163.2]) by hub.freebsd.org (Postfix) with SMTP id E8EB714D53 for ; Thu, 6 May 1999 07:44:47 -0700 (PDT) (envelope-from ales@megared.net.mx) Received: from [207.248.251.249] by megamail.megared.net.mx (NTMail 3.03.0017/4c.ab3r) with ESMTP id xa192397 for ; Thu, 6 May 1999 09:42:39 -0500 Message-ID: <008901be97ce$b9c97f40$f9fbf8cf@megared.net.mx> From: =?iso-8859-1?Q?Alejandro_Ram=EDrez?= To: "Kevin Bogac" , References: <001c01be9766$cf4979f0$0701a8c0@ibm.net> Subject: RE: natd question Date: Thu, 6 May 1999 09:42:54 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, You should try to recompile your kernel with the following options options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT The first line includes basic IP Firewall support. Second line configures ipfw to be able to log accepted or rejected packets. Third line is very important. It does exactly what it says: accept any connections and packets from anywhere by default, and the fourth line is for divert pakages to natd. Make sure that your machine is acting as a gateway. This can be done by specifying the line gateway_enable=YES in /etc/rc.conf, and also you must to specify firewall_enable=YES, and in firewall_type=UNKNOWN in /etc/rc.conf, at this moment natd should work but the firewall is completely open, so you must close anything you want from now. Ales I cannot get natd to work. I have searched through all of the information I can find and my configuration seems correct. If I enable natd the interface blocks traffic. I'm getting a line in the system messages that says "/kernel: IP packet filtering initialized, divert disabled, rule-based forwarding disabled, logging disabled". I built the kernel with the two additional options. Did I miss something? Does the default rc.firewall work? Thanks, Kevin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message