Date: Fri, 25 Jun 1999 09:46:08 +0200 From: Thierry Herbelot <Thierry.Herbelot@alcatel.fr> To: "David B. Aas" <dave@ciminot.com> Cc: questions@FreeBSD.ORG Subject: Re: I can't get ipfw and natd to work! Message-ID: <377333C0.A981747E@telspace.alcatel.fr> References: <000201bebeb0$ab280200$0fc8a8c0@dave.ciminot.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"David B. Aas" wrote: > > Help, Please! > > I am trying to get ipfw and natd to work on a "simple" firewall. I have been > using the instructions in the Complete FreeBSD book by Greg Lehey, and using > defaults to set this thing up. That didn't work. I tried email > correspondence with Dan Busarow, and I stumped him. > > I am using an FTP install of 3.2-RELEASE. I recompiled my kernel with the > IPDIVERT and IPFIREWALL options. I have a permanant Internet connection at > 208.149.231.25. My external IP is 208.149.231.29 on device xl1. My internal > device, xl0 is set for IP 192.168.100.254. > > I cannot ping to the outside world. I get an error message "natd[122]: > failed to write packet back (permission denied)". I want to hook up Windows > computers to my network, use RFC1918 net addresses inside my network, and > share a fast connection to the Internet on my network. This is not rocket > science, but I can's seem to get this to work! > > Here are relevant details. I would appreciate any help. I am ready to hurt > myself if I don't get this going soon. > > Dave Aas > dave@ciminot.com > ------------------------------------ > rc.conf > # This file now contains just the overrides from /etc/defaults/rc.conf > # please make all changes to this file. > > # -- sysinstall generated deltas -- # > saver="daemon" > gateway_enable="YES" > ifconfig_xl0="inet 192.168.100.254 netmask 255.255.255.0" > pccard_ifconfig="NO" > pccard_mem="DEFAULT" > network_interfaces="xl0 xl1 lo0" > ifconfig_xl1="inet 208.149.231.29 netmask 255.255.255.248" > defaultrouter="208.149.231.25" > hostname="gateway.kxmc.com" > firewall_enable="YES" > sendmail_enable="NO" > natd_enable="YES" > natd_interface="xl1" > firewall_type="simple" Hello, I don't see here the mandatory gateway_enable="YES" > ----------------------------------------- > rc.local > natd -use_sockets -same_ports -unregistered_only -dynamic -interface xl1 > ------------------------------------------ you don't have to start natd by yourself if there is natd_enable="YES" in rc.conf TfH [delenda] -- Thierry Herbelot <thierry.herbelot@alcatel.fr> (+33) 1 46 52 47 23 http://perso.cybercable.fr/herbelot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?377333C0.A981747E>