Date: Thu, 10 Jun 2004 04:26:03 +0200 From: Christian Hiris <4711@chello.at> To: freebsd-questions@freebsd.org Cc: asolomon15 <asolomon15@nyc.rr.com> Subject: Re: help setting up natd and ipfw on freebsd5.2.1 Message-ID: <200406100426.15786.4711@chello.at> In-Reply-To: <40C7C07E.2090602@nyc.rr.com> References: <40C7C07E.2090602@nyc.rr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_Hb8xARFbi2QjF2J Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 10 June 2004 03:59, asolomon15 wrote: > Hello all, > I tried to setup natd on my fbsd 5.2.1 box and fbsd 4.10 box with no > luck. What I wanted to do was to setup a gateway for my internal > network to my cable provider. On my server box I have two ethernet card > dc0 pointing to cable modem and dc1 pointing to hub so that the other > computers may connect with my bsd gateway. I managed recompile the > kernel with options IPFIREWALL and IPDIVERT and kernel compiled > successfully. > > Then I add natd, gateway and firewall to my rc.conf file > gateway_enable=3D"YES" > natd_enable=3D"YES' > natd_interface=3D"dc0" > firewall_enable=3D"YES" > firewall_type=3D"/etc/rc.firewall" You can use the standard firewall script in /etc/rc.firewall as is without= =20 modification, if you change natd_enable=3D"YES' to natd_enable=3D"YES" and= =20 firewall_type=3D"/etc/rc.firewall" to firewall_type=3D"OPEN".=20 > I wanted to ping an external and internal hosts to see if this > configuration worked so I really didn't want to have the firewall up > so I added these 3 lines to my rc.firewall file > > /sbin/ipfw -f flush > /sbin/ipfw add divert natd all from any to any via dc0 > /sbin/ipfw add pass from any to any > > I wasn't able to ping any host inside or outside of my computer. When I > disabled the ipfw I was able to ping them. Also I wanted to make sure > if I needed to configure a dns server on my firewall to allow such > services like http and ftp for internal hosts. I know that there are > more sophisticated ipfw setups but I wanted to just get the natd setup > so I could concentrate on the firewall later on. > > > Thanks if you can help > Antoine W. Solomon > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" =2D-=20 Christian Hiris <4711@chello.at> | OpenPGP KeyID 0x941B6B0B=20 OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu --Boundary-02=_Hb8xARFbi2QjF2J Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAx8bHcyi/EZQbawsRAtY9AKCIif+oebOZ2FGDmmKZ9CNQcDUMtACfbqvp KqwF+HE4Euhp4Jxv9s9AwWU= =bNmz -----END PGP SIGNATURE----- --Boundary-02=_Hb8xARFbi2QjF2J--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200406100426.15786.4711>