Date: Fri, 4 May 2001 15:01:20 -0400 From: "Christian S." <cschreiber@netrail.net> To: "Tim Erlin" <tperlin@yahoo.com>, "Greg Diamond" <greg.diamond@nurunnewyork.com>, <freebsd-newbies@freebsd.org> Subject: RE: FreeBSD gateway - what am i missing? Message-ID: <MPEGJCJPPBKNCNBGOHGDKEJFDGAA.cschreiber@netrail.net> In-Reply-To: <20010504161521.1438.qmail@web11707.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You may wish to try (After doing that) "ipfw add pass all from any to any" just to see if you can ping. After that, start tightening down the bolts (Obviously, delete the "ipfw" line I just gave you, once you've verified that it works) Smells like rulesets to me, but I could be wrong. Regards, Christian > -----Original Message----- > From: owner-freebsd-newbies@FreeBSD.ORG > [mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Tim Erlin > Sent: Friday, May 04, 2001 12:15 PM > To: Greg Diamond; 'freebsd-newbies@freebsd.org' > Subject: Re: FreeBSD gateway - what am i missing? > > > You're missing NAT. Go to > http://www.mostgraveconcern.com/freebsd/ and check the > "setting up a dual-homed host" link. That's where I > got most of the info below: > > Add to /etc/rc.conf > > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="open" > firewall_quiet="YES" > natd_enable="YES" > natd_interface="ep0" > natd_flags="-f /etc/natd.conf" > > Create /etc/natd.conf with > > use_sockets yes > > That should help. Once you get that running, you > should be able to do 'ipfw list' to see firewall rules > and 'top' should show natd running. > > Then ask questions on -questions. You're likely to get > a better response. > > --Tim > > --- Greg Diamond <greg.diamond@nurunnewyork.com> > wrote: > > I am trying to set up a FreeBSD box to act as a > > gateway (+ firewall/nat) > > > > I set up a box with 2 nic cards: > > rl0: IP 111.222.33.44 netmask 255.255.255.0 > > #public ip (static) - > > connected to DSL Modem > > dc0: IP 192.168.1.1 netmask 255.255.255.0 > > #internal ip - connected out > > to hub > > gateway_enabled="yes" > > default_router 111.222.33.1 #my isp assigned > > gateway > > > > i re-compiled the kernel to include > > options IPFIREWALL > > options IPDIVERT > > > > i connected my NT Server to the hub and assigned it > > IP 192.168.1.2 netmask 255.255.255.0 default gateway > > 192.168.1.1 > > > > i edited the `hosts` files on both my FreeBSD and NT > > machines > > also edited my desktop firewall on my NT box to > > allow local traffic > > > > i figured at this point i should be able to at least > > have my machines ping > > each other, but to no avail > > NT to FreeBSD --> request time out > > FreeBSD to NT --> `Permission Denied` > > > > i tried adding to no avail: > > route add -net 192.168.1.1/16 -interface dc0 > > and tried running the routed which just storms me > > with permission denied > > i have netstart run at boot time from the rc.local > > script > > > > what step am i missing? is there other info of my > > setup/config i need to > > post? > > i'm rather new to unix, and using FreeBSD as my > > learning box instead of a > > Linux distro. > > I've have pretty good luck so far the past few weeks > > with it, setting up > > x/kde/apache/mysql/php as a server/workstation with > > success.. been pretty > > happy as a newbie so far ;-) but stumped with this > > issue ;-( > > any help, or maybe a link to a good newbie walk thru > > for this setup.. i've > > been searching and hacking at it for a while without > > success. > > > > thanx > > Greg > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-newbies" in the body of > > the message > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great prices > http://auctions.yahoo.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-newbies" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>; iQA/AwUBOvL76CkK9qTvGvteEQI9lQCggrjbYU1+q3fO2eL6jdWTfPtPad4An30i K65SWmu9tqbU7Y0F/u0K/Uav =GhOz -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MPEGJCJPPBKNCNBGOHGDKEJFDGAA.cschreiber>