From owner-freebsd-questions  Wed May 23 16:29:18 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from apollo.gti.net (apollo.gti.net [199.171.27.7])
	by hub.freebsd.org (Postfix) with ESMTP id 6B95237B422
	for <freebsd-questions@FreeBSD.ORG>; Wed, 23 May 2001 16:29:15 -0700 (PDT)
	(envelope-from y3k@gti.net)
Received: from sludge.amc-inc.com (ts5m-pool0-215.gti.net [208.216.126.215])
	by apollo.gti.net (mail) with ESMTP
	id 26E90145AB6; Wed, 23 May 2001 19:29:10 -0400 (EDT)
Message-ID: <XFMail.010523182237.y3k@gti.net>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
In-Reply-To: <200105231927.f4NJRIE28957@fac13.ds.psu.edu>
Date: Wed, 23 May 2001 18:22:37 -0400 (EDT)
Reply-To: Mark Yeck <y3k@gti.net>
From: Mark Yeck <y3k@gti.net>
To: "Richard E. Hawkins" <dochawk@psu.edu>
Subject: RE: safely briding from internet to "localnet"
Cc: freebsd-questions@FreeBSD.ORG
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


On 23-May-01 Richard E. Hawkins wrote:
> 
> I'm still at a loss here; I'm probably asking the wrong questions.
> 
> 
> I have vmware successfully installed, and have networking between my 
> machine and the virtual machine as a local network.
> 
> What I'm not getting is how to get my machine to act as a gateway or 
> bridge to the local network so that it can see the rest of the world.
> 
> I understand that natd and/or ipfw are involved, but the man pages make 
> it look like I'm playing with fire.
> 
> All I want is for the machine to be a gateway for a "machine" on the 
> "local" network that can be trusted absolutely, and to do absolutely 
> nothing for any other machine in the world.  There must be a simple way 
> to do this, and probably even a page explaining it . . .
> 
> hawk

whoa. i did this exact thing on monday. natd and ipfw are involved. also,
recompiling the kernel and stuff. i followed the directions from 
www.freebsdzine.org and it works great. I think it was the
february issue. i'd send a link, but for some reason i cant reach it right
now. Only problem I ran into was this, in the natd man page, it says to add
"options IPFIREWALL" and "options IPDIVERT" to the kernel. i found that i had
to use "option IPDIVERT" for some reason. 

if you have any problems, let me know. that box is at work, so i can
check stuff out tomorrow on it if you need help.

-mark

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message