Message-ID: <377333C0.A981747E@telspace.alcatel.fr>
Date: Fri, 25 Jun 1999 09:46:08 +0200
From: Thierry Herbelot
Organization: Alcatel CIT Nanterre
To: "David B. Aas"
Cc: questions@FreeBSD.ORG
Subject: Re: I can't get ipfw and natd to work!

"David B. Aas" wrote:
>
> Help, Please!
>
> I am trying to get ipfw and natd to work on a "simple" firewall. I have been
> using the instructions in the Complete FreeBSD book by Greg Lehey, and using
> defaults to set this thing up. That didn't work. I tried email
> correspondence with Dan Busarow, and I stumped him.
>
> I am using an FTP install of 3.2-RELEASE. I recompiled my kernel with the
> IPDIVERT and IPFIREWALL options. I have a permanent Internet connection at
> 208.149.231.25. My external IP is 208.149.231.29 on device xl1. My internal
> device, xl0 is set for IP 192.168.100.254.
>
> I cannot ping to the outside world. I get an error message "natd[122]:
> failed to write packet back (permission denied)". I want to hook up Windows
> computers to my network, use RFC1918 net addresses inside my network, and
> share a fast connection to the Internet on my network. This is not rocket
> science, but I can't seem to get this to work!
>
> Here are relevant details. I would appreciate any help. I am ready to hurt
> myself if I don't get this going soon.
>
> Dave Aas
> dave@ciminot.com
> ------------------------------------
> rc.conf
> # This file now contains just the overrides from /etc/defaults/rc.conf
> # please make all changes to this file.
>
> # -- sysinstall generated deltas -- #
> saver="daemon"
> gateway_enable="YES"
> ifconfig_xl0="inet 192.168.100.254 netmask 255.255.255.0"
> pccard_ifconfig="NO"
> pccard_mem="DEFAULT"
> network_interfaces="xl0 xl1 lo0"
> ifconfig_xl1="inet 208.149.231.29 netmask 255.255.255.248"
> defaultrouter="208.149.231.25"
> hostname="gateway.kxmc.com"
> firewall_enable="YES"
> sendmail_enable="NO"
> natd_enable="YES"
> natd_interface="xl1"
> firewall_type="simple"

Hello,

I don't see here the mandatory gateway_enable="YES"

> -----------------------------------------
> rc.local
> natd -use_sockets -same_ports -unregistered_only -dynamic -interface xl1
> ------------------------------------------

You don't have to start natd by yourself if there is natd_enable="YES"
in rc.conf.

TfH

[delenda]
--
Thierry Herbelot (+33) 1 46 52 47 23
http://perso.cybercable.fr/herbelot
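
The two points raised in the reply (gateway_enable being set, and natd being started both by natd_enable and from rc.local) can be checked with a small script. This is an added example, not part of the original message; the function names are hypothetical and the sample files are constructed from the settings quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): lint rc.conf / rc.local for the two
# points the reply raises. Function names are hypothetical.

# Print the last value assigned to variable $2 in rc.conf-style file $1.
rc_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# True when variable $2 in file $1 is set to YES (case-insensitive).
rc_yes() {
    case $(rc_value "$1" "$2") in [Yy][Ee][Ss]) return 0 ;; *) return 1 ;; esac
}

# Print one finding per line for rc.conf $1 and rc.local $2.
check_natd_setup() {
    rc_yes "$1" gateway_enable ||
        echo 'MISSING gateway_enable="YES"'
    if rc_yes "$1" natd_enable; then
        [ -n "$(rc_value "$1" natd_interface)" ] ||
            echo 'MISSING natd_interface'
        # An uncommented natd command in rc.local starts a second copy.
        if [ -f "$2" ] &&
            grep -Eq '^[[:space:]]*([^#[:space:]]*/)?natd([[:space:]]|$)' "$2"; then
            echo 'DUPLICATE natd started from rc.local and by natd_enable'
        fi
    fi
}

# Constructed sample files mirroring the settings quoted in the thread.
demo_dir=$(mktemp -d)
cat > "$demo_dir/rc.conf" <<'EOF'
gateway_enable="YES"
firewall_enable="YES"
natd_enable="YES"
natd_interface="xl1"
firewall_type="simple"
EOF
cat > "$demo_dir/rc.local" <<'EOF'
natd -use_sockets -same_ports -unregistered_only -dynamic -interface xl1
EOF
check_natd_setup "$demo_dir/rc.conf" "$demo_dir/rc.local"
rm -rf "$demo_dir"
```

On the constructed sample it reports only the duplicate natd start, since gateway_enable and natd_interface are both present in the quoted rc.conf.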