From owner-freebsd-questions@FreeBSD.ORG Tue May 13 23:00:32 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D80BB37B404 for ; Tue, 13 May 2003 23:00:32 -0700 (PDT) Received: from rawfire.torche.com (rawfire.torche.com [166.88.255.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46C6F43F3F for ; Tue, 13 May 2003 23:00:31 -0700 (PDT) (envelope-from freebsd@rawfire.torche.com) Received: from rawfire.torche.com (localhost.torche.com [127.0.0.1]) by rawfire.torche.com (8.12.6/8.12.6) with ESMTP id h4E60Q0R050079; Tue, 13 May 2003 23:00:27 -0700 (PDT) (envelope-from freebsd@rawfire.torche.com) Received: from localhost (freebsd@localhost)h4E60Pnp050076; Tue, 13 May 2003 23:00:26 -0700 (PDT) Date: Tue, 13 May 2003 23:00:25 -0700 (PDT) From: Chris P To: Eduardo Viruena Silva In-Reply-To: <20030513121500.Q9633@Gina.esfm.ipn.mx> Message-ID: <20030513225920.P49404@rawfire.torche.com> References: <20030511202927.A827@rawfire.torche.com> <20030512033615.P88785@Gina.esfm.ipn.mx> <20030513070041.R8647@rawfire.torche.com> <20030513121500.Q9633@Gina.esfm.ipn.mx> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-questions@freebsd.org Subject: Re: NAT + 5.0-RELEASE #0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2003 06:00:33 -0000 On Tue, 13 May 2003, Eduardo Viruena Silva wrote: > On Tue, 13 May 2003, Chris P wrote: > > > OK, no responces.. so I went and tried it. Indeed you do need to tweak > > the kernel. However Its best to start with a fresh GENERIC kernel, and > > make your mods only a few at a time. Many mod's I had in my old did not > > work in the new. Plus the instructions for 4.8 are not exacting for 5.0, > > so you may have to play with things to get it all to work. Overall it was > > not too tough. > > > Sorry, Cris, when you asked if I really have installed that with FreeBSD > 5.0 I realize that I have not. > > So, I updated an old computer that we use as router in a private > network and everything worked ok with FreeBSD 5.0-RELEAE p7 > > And Yes, you have to modify your kernel... > > I think that you are right, making modifications in your kernel > description, one at the time, will make you step on solid ground if > something goes wrong. If you proceed with GENERIC kernel, just remember > that you only need two more lines in your kernel description: > > options IPDIVERT > options IPFIREWALL > > so, if you add them it will work. > > Your network configuration will not work if you don't specify in rc.conf > firewall_enable=YES and firewall_type="filename", filename is a file with > your firewall configuration or you can set it to OPEN to make your tests. > > Good luck. > Yeap.. Just like I said, anyone doing this really should modify the new generic one step at at a time. There is a few things that are diff now. C.