From owner-freebsd-questions Thu May 6 18: 9:37 1999 Delivered-To: freebsd-questions@freebsd.org Received: from out2.ibm.net (out2.ibm.net [165.87.194.229]) by hub.freebsd.org (Postfix) with ESMTP id AD9C614BFE for ; Thu, 6 May 1999 18:09:34 -0700 (PDT) (envelope-from kbogac@ibm.net) Received: from ntws2 (slip-129-37-40-86.il.us.ibm.net [129.37.40.86]) by out2.ibm.net (8.8.5/8.6.9) with SMTP id BAA27066 for ; Fri, 7 May 1999 01:09:29 GMT Message-ID: <012701be9827$40a2cc30$0701a8c0@ibm.net> From: "Kevin Bogac" To: References: <001c01be9766$cf4979f0$0701a8c0@ibm.net> <008901be97ce$b9c97f40$f9fbf8cf@megared.net.mx> Subject: Re: natd question Date: Thu, 6 May 1999 20:15:26 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thanks! I misunderstood what I read. I though I only needed one of the kernel options not all four. I guess I should learn to ask questions sooner. Must be a gender thing. Oh well, I didn't want to keep all of my hair forever anyway. ----- Original Message ----- From: Alejandro Ramírez To: Kevin Bogac ; Sent: Thursday, May 06, 1999 9:42 AM Subject: RE: natd question > > Hi, > > You should try to recompile your kernel with the following options > > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT > > The first line includes basic IP Firewall support. Second line configures > ipfw to be able to log accepted or rejected packets. Third line is very > important. It does exactly what it says: accept any connections and packets > from anywhere by default, and the fourth line is for divert pakages to natd. > > Make sure that your machine is acting as a gateway. This can be done by > specifying the line gateway_enable=YES in /etc/rc.conf, and also you must to > specify firewall_enable=YES, and in firewall_type=UNKNOWN in /etc/rc.conf, > at this moment natd should work but the firewall is completely open, so you > must close anything you want from now. > > Ales > > I cannot get natd to work. I have searched through all of the information I > can find and my configuration seems correct. If I enable natd the interface > blocks traffic. I'm getting a line in the system messages that says > "/kernel: IP packet filtering initialized, divert disabled, rule-based > forwarding disabled, logging disabled". I built the kernel with the two > additional options. Did I miss something? Does the default rc.firewall work? > > Thanks, > Kevin > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message