From owner-freebsd-questions Thu Jul 2 00:26:22 1998
Date: Thu, 2 Jul 1998 00:25:25 -0700 (PDT)
From: Doug White
To: johnson@calvin.nrtc.northrop.com
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: help requested with IP_DIVERT (also networking issues)
In-Reply-To: <9806282150.AA20757@calvin.nrtc.northrop.com>
Sender: owner-freebsd-questions@FreeBSD.ORG

On Sun, 28 Jun 1998 johnson@calvin.nrtc.northrop.com wrote:

> I am trying to get NATD working on a FreeBSD 2.2.6 system. The
> documentation said I needed to rebuild my kernel with the IP_DIVERT
> option. I did this, installed the new kernel, and then rebooted.
>
> During the boot process I got the following horrifying message:
>
> /dev/wd0s2a on /: specified device does not match mounted device
>
> Then I got dumped into the single-user shell. I forlornly tried
> `mount /' from there, but got the same result.
>
> Fortunately, some considerate person 'way back when set kernel
> installation up so that /kernel got copied to /kernel.old as part
> of the process of installing new kernels. In this case I was saved
> by that: I rebooted kernel.old and things came up fine again.
>
> Could someone provide advice as to what is going wrong with IP_DIVERT?

Make sure you upgrade userland and the kernel at the same time, otherwise
Bad Things may happen. Also edit /etc/fstab before booting your new kernel
and make sure the device spec for the root filesystem is complete, ie
/dev/wd0s2a and not /dev/wd0.

> My goal is to have a firewall FreeBSD machine, and three machines
> behind the firewall. One of those would be a second FreeBSD machine,
> and the other two would be Win95 machines. For the latter two machines,
> the only access to the net would be through Netscape Communicator.

ok.

> I have installed ethernet cards in two test machines, and am trying
> to get them set up. (After I get them set up, I will wire the other
> machines.) So far, I can get the two machines to talk to each other
> either as Win95 machines or as FreeBSD machines. I can get the firewall
> machine to talk to the outside world. At the moment, that's where I'm
> stuck. I can't get the test machine to talk to the outside world either
> as a FreeBSD machine (telnet, ftp, etc.) or as a Win95 machine from
> Netscape.

ok.

> My ISP gave me a static IP address, which I use with the ppp0
> interface on the firewall machine. The firewall machine is set up
> as 192.168.3.1 on ed1, its ethernet device, and the other test machine
> is set up as 192.168.3.2 on its ethernet device (ed2 for some reason).
> I currently boot the firewall machine (firewalling enabled in
> rc.conf), then log in, manually get ppp going, and then manually start
> routed, named, and socks5. mountd, nfs, and Samba are started
> automatically during the boot process. mountd and nfs seem to work:
> I can cross-mount file systems between the two machines.

Do you have gateway_enable set as well in /etc/rc.conf?

> I'm provisionally assuming that my problem is that the test machine
> is on the 192.168 subnet, which does not get routed to the outside
> world. (What is the usual procedure for people that have multiple
> machines at home as far as getting IP addresses? Get an IP address
> that is visible on the net for each machine? Have one net-visible IP
> address and have the other machines on an invisible 192.168 local net?)
> Are SOCKS and NATD meant to be used together?

It's redundant. natd will transparently translate the connections -- the
apps won't know what's happening.

> It seems that my life would be a lot easier if I had multiple
> Internet visible IP addresses. Is this what people with multiple
> at-home machines usually do?

Not now with the IP address crunch.

Doug White                            | University of Oregon
Internet: dwhite@resnet.uoregon.edu   | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite  | Computer Science Major

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
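
The transparent translation mentioned in the reply above, sketched as an added example (not part of the original message and not natd's own code): a simplified model of the per-connection table a NAT gateway keeps. The public address, remote hosts and alias port range are constructed placeholders; 192.168.3.2 is the test machine from the thread.

```python
# Simplified model of the translation a NAT gateway such as natd performs.
# Added illustration only; this is not natd's (libalias) implementation.
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # placeholder for the ISP-assigned static address


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class Nat:
    public_ip: str
    next_port: int = 40000                       # constructed alias port range
    out_map: dict = field(default_factory=dict)  # inside flow -> alias port
    in_map: dict = field(default_factory=dict)   # alias port + remote -> inside host

    def outbound(self, p):
        """Replace the private source address with the public one."""
        key = (p.proto, p.src, p.sport, p.dst, p.dport)
        if key not in self.out_map:
            alias = self.next_port
            self.next_port += 1
            self.out_map[key] = alias
            self.in_map[(p.proto, alias, p.dst, p.dport)] = (p.src, p.sport)
        return Packet(p.proto, self.public_ip, self.out_map[key], p.dst, p.dport)

    def inbound(self, p):
        """Restore the inside address on a reply; None if no flow matches."""
        hit = self.in_map.get((p.proto, p.dport, p.src, p.sport))
        if hit is None or p.dst != self.public_ip:
            return None  # never rewritten toward an inside machine
        return Packet(p.proto, p.src, p.sport, hit[0], hit[1])


def demo():
    nat = Nat(PUBLIC_IP)
    # The inside test machine opens a web connection to a constructed remote host.
    out = nat.outbound(Packet("tcp", "192.168.3.2", 1025, "198.51.100.7", 80))
    reply = nat.inbound(Packet("tcp", "198.51.100.7", 80, PUBLIC_IP, out.sport))
    # A host the inside never contacted hits the same alias port: no table entry.
    stray = nat.inbound(Packet("tcp", "198.51.100.99", 80, PUBLIC_IP, out.sport))
    return out, reply, stray


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The application on 192.168.3.2 sees an ordinary connection in both directions, which is why no SOCKS configuration is needed on the clients, and inbound traffic that matches no existing flow is never mapped to an inside address.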