From owner-freebsd-questions Thu Apr 20 19:47:59 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from bucky.excite.com (bucky-rwcmex.excite.com [198.3.99.218])
    by hub.freebsd.org (Postfix) with ESMTP id 21CCB37B57B
    for ; Thu, 20 Apr 2000 19:47:57 -0700 (PDT)
    (envelope-from alanux@excite.com)
Received: from ants.excite.com ([199.172.152.146])
    by bucky.excite.com (InterMail vM.4.01.02.39 201-229-119-122)
    with ESMTP id <20000421024756.HFFT24984.bucky.excite.com@ants.excite.com>
    for ; Thu, 20 Apr 2000 19:47:56 -0700
Message-ID: <15653767.956285276711.JavaMail.imail@ants.excite.com>
Date: Thu, 20 Apr 2000 19:47:56 -0700 (PDT)
From: Alan Chan
To: freebsd-questions@FreeBSD.ORG
Subject: Network Troubleshooting (ipf.rules and ipnat.rules)
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Excite Inbox
X-Sender-Ip: 24.7.81.196
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi all,

I've spent countless hours troubleshooting my network, but couldn't get it to work, so I'm asking for any help I can get. I have a small network setup and I'm using ipnat.rules and ipf.rules (from OpenBSD) for IP filtering on my FreeBSD gateway/firewall machine.

Here's the situation: I have two network cards installed on my firewall machine; of the two cards, one entails an external IP address (dc0 has a cable modem static IP address given by ATHOME) and the other entails a private IP address (dc1: 192.168.1.1). On a separate machine is my DNS server, which includes one network card with a private IP address (192.168.1.2). I have eight computers connected on a 3Com switch.

So here's the question: What are some of the commands/things that I (can) need to use to troubleshoot my network?
I've used the following files to configure:

/etc/rc.conf
/etc/resolv.conf
/etc/hosts

Here is what I did to set up my network:

(1) /stand/sysinstall => index => interfaces => no for multi-user => no dhcp => dc0 => dc1
(2) add primary and secondary addresses to resolv.conf file
(3) edit the "/etc/hosts" file

For my gateway/firewall server, I used "ifconfig -a" and it showed that all network devices have the correct IP address. However, when I used "netstat -rn", 192.168.1.1 has a "netif" of lo0, while 192.168.1.2 has a "netif" of dc1? I was expecting 192.168.1.1 to have dc1...

I can ping from 192.168.1.2 to 192.168.1.1 and vice versa (this also works when pinging with any address on the network). However, I can't ping to the outside world (i.e. cnet.com or yahoo.com). I've checked my "/etc/resolv.conf" file and it contains the correct DNS address. I am thinking that there has to be a problem with my ipnat.rules or ipf.rules, but I'm not really sure.

Anyway, I'm having trouble connecting back to the Internet. I appreciate any feedback or insights anyone can give. Sorry if I did not do a good job explaining my problem.