From owner-freebsd-questions Wed May 23 16:29:18 2001 Delivered-To: freebsd-questions@freebsd.org Received: from apollo.gti.net (apollo.gti.net [199.171.27.7]) by hub.freebsd.org (Postfix) with ESMTP id 6B95237B422 for ; Wed, 23 May 2001 16:29:15 -0700 (PDT) (envelope-from y3k@gti.net) Received: from sludge.amc-inc.com (ts5m-pool0-215.gti.net [208.216.126.215]) by apollo.gti.net (mail) with ESMTP id 26E90145AB6; Wed, 23 May 2001 19:29:10 -0400 (EDT) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit MIME-Version: 1.0 In-Reply-To: <200105231927.f4NJRIE28957@fac13.ds.psu.edu> Date: Wed, 23 May 2001 18:22:37 -0400 (EDT) Reply-To: Mark Yeck From: Mark Yeck To: "Richard E. Hawkins" Subject: RE: safely briding from internet to "localnet" Cc: freebsd-questions@FreeBSD.ORG Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 23-May-01 Richard E. Hawkins wrote: > > I'm still at a loss here; I'm probably asking the wrong questions. > > > I have vmware successfully installed, and have networking between my > machine and the virtual machine as a local network. > > What I'm not getting is how to get my machine to act as a gateway or > bridge to the local network so that it can see the rest of the world. > > I understand that natd and/or ipfw are involved, but the man pages make > it look like I'm playing with fire. > > All I want is for the machine to be a gateway for a "machine" on the > "local" network that can be trusted absolutely, and to do absolutely > nothing for any other machine in the world. There must be a simple way > to do this, and probably even a page explaining it . . . > > hawk whoa. i did this exact thing on monday. natd and ipfw are involved. also, recompiling the kernel and stuff. i followed the directions from www.freebsdzine.org and it works great. I think it was the february issue. i'd send a link, but for some reason i cant reach it right now. Only problem I ran into was this, in the natd man page, it says to add "options IPFIREWALL" and "options IPDIVERT" to the kernel. i found that i had to use "option IPDIVERT" for some reason. if you have any problems, let me know. that box is at work, so i can check stuff out tomorrow on it if you need help. -mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message