Date:      Wed,  9 Oct 2002 18:34:43 -0400
From:      "2005 - Chill, Samuel Thomas" <stchill@mccallie.org>
To:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Puzzling Simple NATD and IPFW Problem
Message-ID:  <200210091834.AA431817180@mail.mccallie.org>

After fixing all of these "problems" still it does not work!
I'm running FreeBSD 4.6-STABLE
Using two Realtek 8139's (rl0 external, rl1 internal)
External is DHCP to cable modem
Internal IP is 10.0.0.1
Client machines have 10.0.0.x as their IP and 10.0.0.1 set as their gateway and DNS
---------- Original Message ----------------------------------
From: "D. Penev" <dpenev@mail.bg>
Date: Wed, 9 Oct 2002 21:06:36 +0300

On Wed, Oct 09, 2002 at 12:00:25AM -0400, 2005 - Chill, Samuel Thomas wrote:
>Date: Wed,  9 Oct 2002 00:00:25 -0400
>From: "2005 - Chill, Samuel Thomas" <stchill@mccallie.org>
>To: <freebsd-questions@FreeBSD.ORG>
>Subject: Re: Puzzling Simple NATD and IPFW Problem
>
>Here is the info. Hope it helps solve this problem.
># ifconfig -a
>rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        inet6 fe80::201:aff:fe10:815b%rl0 prefixlen 64 scopeid 0x1
>        inet 68.59.237.192 netmask 0xfffff800 broadcast 68.59.239.255
>        ether 00:01:0a:10:81:5b
>        media: Ethernet autoselect (100baseTX <full-duplex>)
>        status: active
>rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
>        inet6 fe80::2d0:9ff:fec6:15ed%rl1 prefixlen 64 scopeid 0x2
>        ether 00:d0:09:c6:15:ed
>        media: Ethernet autoselect (10baseT/UTP)
>        status: active
>lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
>sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
>faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
>lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>        inet6 ::1 prefixlen 128
>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
>        inet 127.0.0.1 netmask 0xff000000
>ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
>
># ipfw -a l
>00100 160  72611 divert 8668 ip from any to any via rl0
>00200 661 115174 allow ip from any to any
>65535   4    581 deny ip from any to any
>
># netstat -rn
>Routing tables
>
>Internet:
>Destination        Gateway            Flags    Refs      Use  Netif Expire
>default            68.59.232.1        UGSc        9        5    rl0
>10/24              link#2             UC          2        0    rl1
>10.0.0.3           00:04:5a:53:4d:92  UHLW        2     2109    rl1    241
>10.0.0.4           00:04:5a:53:4d:92  UHLW        2      679    rl1   1050
>68.59.232/21       link#1             UC          2        0    rl0
>68.59.232.1        00:02:fc:82:f0:54  UHLW       10        0    rl0   1199
>68.59.237.177      00:02:fc:82:f0:70  UHLW        0        6    rl0    163
>68.59.237.192      127.0.0.1          UGHS        0        0    lo0
>127.0.0.1          127.0.0.1          UH          1        0    lo0
>
>Internet6:
>Destination                       Gateway                       Flags      Netif Expire
>::1                               ::1                           UH          lo0
>fe80::%rl0/64                     link#1                        UC          rl0
>fe80::201:aff:fe10:815b%rl0       00:01:0a:10:81:5b             UHL         lo0
>fe80::%rl1/64                     link#2                        UC          rl1
>fe80::2d0:9ff:fec6:15ed%rl1       00:d0:09:c6:15:ed             UHL         lo0
>fe80::%lo0/64                     fe80::1%lo0                   Uc          lo0
>fe80::1%lo0                       link#6                        UHL         lo0
>ff01::/32                         ::1                           U           lo0
>ff02::%rl0/32                     link#1                        UC          rl0
>ff02::%rl1/32                     link#2                        UC          rl1
>ff02::%lo0/32                     ::1                           UC          lo0
>
># sysctl net.inet.ip.forwarding
>net.inet.ip.forwarding: 1
>
># ps -aux |grep nat
>root      216  0.0  0.1   436  292  ??  Is    6:13PM   0:00.01 natd -interface rl0

What does ps x | grep natd show? In principle, if natd is started from rc.network,
the first argument must be $natd_flags and then $natd_interface.

>
>
># cat /etc/rc.conf
>gateway_enable="YES"
>firewall_enable="YES"
>firewall_type="/etc/rc.ipfw-queue"
>firewall_quiet="NO"
>natd_enabled="YES"
            ^
Does this error really exist in rc.conf?

>natd_interface="rl0"
>natd_flags="-f /etc/natd.conf"
>hostname=".andrsn01.tn.comcast.net"
>ifconfig_rl0="DHCP"
>ifconfig_rl1="inet 10.0.0.1  netmask 255.255.255.0"
>inetd_enable="YES"
>kern_securelevel_enable="NO"
>linux_enable="YES"
>lpd_enable="YES"
>nfs_reserved_port_only="YES"
>sendmail_enable="YES"
>sshd_enable="YES"
>usbd_enable="YES"
>
># cat /etc/natd.conf
>dynamic yes
>use_sockets yes
>same_ports yes
>unregistered_only
>---------- Original Message ----------------------------------
>From: Nick Rogness <nick@rogness.net>
>Date: Tue, 8 Oct 2002 15:38:00 -0600 (MDT)
>
>On Tue, 8 Oct 2002, 2005 - Chill, Samuel Thomas wrote:
>
>> I have ipfirewall, ipdivert, and dummynet all compiled into my kernel. I
>> am able to run natd and to specify rules with ipfw, I can also ping
>> my external interface. My internal network card (rl1) is 10.0.0.1 and my
>> LAN clients are running on 10.0.0.x. I can ping everything, the network
>> is set up properly. I'm using the default rules supplied in the man page
>> and apparently natd is not passing them on. I can't ping or go to any
>> website at all. The LAN clients have 10.0.0.1 set as their default
>> gateway. rl0 is connected to the cable modem and gets its IP via DHCP.
>> The FreeBSD box can ping anything but apparently nothing is forwarded
>> to the external interface. I have double checked and reinstalled
>> multiple times and it seems that it is bound to never work!
>
>	Do you have gateway_enable="YES" in /etc/rc.conf?
>
>	What do the following show when you run them (just paste them in a
>	reply):
>
>	# ifconfig -a
>	# netstat -rn
>	# ipfw -a l
>	# sysctl net.inet.ip.forwarding
>	# ps -aux |grep nat
>	# cat /etc/rc.conf
>
>Nick Rogness <nick@rogness.net>
>- WARNING TO ALL PERSONNEL:
>   Firings will continue until morale improves.
>
>
>
>---
>[This E-mail scanned for viruses by Declude Virus]
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message

In fact I don't think that will solve your problem, but who knows :)

-- 
Regards,
D. Penev
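
The two checks raised in this reply (the `natd_enabled` spelling, and whether the running natd was started with `natd_flags` ahead of the interface argument), as an added shell example that is not part of the thread. The sample rc.conf and ps line are copied from the values quoted above; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the thread. The sample data is copied from
# the rc.conf and ps output quoted in the messages so it runs offline.

SAMPLE_RC='gateway_enable="YES"
firewall_enable="YES"
natd_enabled="YES"
natd_interface="rl0"
natd_flags="-f /etc/natd.conf"'

SAMPLE_PS='root 216 0.0 0.1 436 292 ?? Is 6:13PM 0:00.01 natd -interface rl0'

# Print every knob whose name ends in "_enabled". The reply flags the
# trailing "d": the knob is natd_enable, so natd_enabled is never consulted.
misspelled_knobs() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*\([A-Za-z0-9_]*_enabled\)=.*/\1/p'
}

# Print the value of one knob with surrounding double quotes stripped.
# If the knob is set more than once, the last assignment wins.
knob_value() {
    printf '%s\n' "$1" |
        sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" |
        tail -n 1
}

# Succeed when the natd command line starts with the configured natd_flags,
# which is what the reply expects of a natd started from rc.network.
natd_uses_flags() {
    flags=$(knob_value "$1" natd_flags)
    [ -n "$flags" ] || return 0      # nothing configured, nothing to compare
    case "$2" in
        *"natd $flags"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Report both findings for one rc.conf text and one ps line.
report() {
    for knob in $(misspelled_knobs "$1"); do
        echo "rc.conf: $knob should be ${knob%d}"
    done
    natd_uses_flags "$1" "$2" ||
        echo "natd is running without natd_flags; it was not started by rc.network with this rc.conf"
}

report "$SAMPLE_RC" "$SAMPLE_PS"
```

On a live system, pass `"$(cat /etc/rc.conf)"` and the natd line from `ps` instead of the sample strings.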



