Date: Thu, 11 Jun 2009 11:18:05 +0200 (CEST)
From: Wojciech Puchar
To: Anton
Cc: freebsd-questions@freebsd.org
In-Reply-To: <505626234.20090611112828@sng.by>
Subject: Re: FreeBSD as a router

> For the entire time I have been making everything with Windows, but now
> I've stumbled upon a problem, where only a router on FreeBSD + IPFW could
> help me.
> I have installed FreeBSD, compiled the kernel, found how to launch a VPN
> connection to the ISP.
> But, further, I don't know how to go :-(
>
> I could not figure out how to start natd and make routing with the next
> rules:
> 1) Connections to the Internet are made via VPN to the ISP, but the ISP has
> some internal resources free of charge, which are accessible
> without VPN. How to explain to natd and ipfw that all users may go to
> these free resources without pipe and unlimited to all users
> 2) How to give all users the right to go to the Internet by UDP
> 27015-27050 and TCP 27015-27050 (Steam) with pipe.

natd is now part of ipfw (but the older userland natd is still available)

man ipfw

Yes, it's complex, but DO SPEND A FEW HOURS and read it from beginning to end! I did the same some time ago and it's really worth it.

Both points 1 and 2 are just simple things for that great tool; just make a rule for "free resources" with the skipto command, or a reverse rule matching the queue command.

After reading, feel free to post me priv for some help, but I don't think you'll need it.
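
One way to express points 1 and 2 with in-kernel NAT, `skipto` and dummynet pipes, as an added example that is not part of the original message. Interface names, networks, bandwidths and rule numbers are assumptions, as is a routing table that sends the free ISP networks out the physical interface; the script only prints the commands unless `IPFW` and `SYSCTL` are pointed at the real binaries.

```sh
#!/bin/sh
# Added example (not from the thread). Every value below is an assumption.
IPFW="${IPFW:-echo ipfw}"        # dry run: prints commands; set IPFW=/sbin/ipfw to apply
SYSCTL="${SYSCTL:-echo sysctl}"  # same for sysctl
LAN_IF="em0";  LAN_NET="192.168.0.0/24"   # inside network (assumed)
ISP_IF="em1";  FREE_NET="10.0.0.0/8"      # ISP's free internal resources (assumed)
VPN_IF="tun0"                             # VPN link to the ISP (assumed)
STEAM="27015-27050"                       # port range from the question

emit_rules() {
    # Let packets continue down the ruleset after a pipe or nat rule.
    $SYSCTL net.inet.ip.fw.one_pass=0

    # In-kernel NAT, one instance per outside interface.
    $IPFW nat 1 config if "$VPN_IF" same_ports reset
    $IPFW nat 2 config if "$ISP_IF" same_ports reset

    # One shaper per direction for Steam traffic.
    $IPFW pipe 1 config bw 1Mbit/s
    $IPFW pipe 2 config bw 4Mbit/s

    # Point 1: free resources jump past the pipe rules, straight to NAT.
    $IPFW add 100 skipto 500 ip from any to "$FREE_NET"
    $IPFW add 110 skipto 500 ip from "$FREE_NET" to any

    # Point 2: Steam ports go through the pipes.
    # Upload is shaped leaving the VPN (before NAT, so the source is still a LAN address).
    $IPFW add 200 pipe 1 tcp from "$LAN_NET" to any "$STEAM" out xmit "$VPN_IF"
    $IPFW add 220 pipe 1 udp from "$LAN_NET" to any "$STEAM" out xmit "$VPN_IF"
    # Download is shaped leaving the LAN interface (after NAT has restored the LAN address).
    $IPFW add 210 pipe 2 tcp from any "$STEAM" to "$LAN_NET" out xmit "$LAN_IF"
    $IPFW add 230 pipe 2 udp from any "$STEAM" to "$LAN_NET" out xmit "$LAN_IF"

    $IPFW add 500 nat 1 ip from any to any via "$VPN_IF"
    $IPFW add 510 nat 2 ip from any to any via "$ISP_IF"
    $IPFW add 600 allow ip from any to any   # placeholder policy: tighten before real use
}

emit_rules
```

With `one_pass` left at its default of 1, a packet matched by a pipe rule is accepted on leaving the pipe and never reaches the `nat` rules, which is why the sysctl is set first.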