From owner-freebsd-questions  Wed May 23 16:43:56 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from fac13.ds.psu.edu (fac13.ds.psu.edu [146.186.61.98])
	by hub.freebsd.org (Postfix) with ESMTP id 8320F37B423
	for <freebsd-questions@FreeBSD.ORG>; Wed, 23 May 2001 16:43:53 -0700 (PDT)
	(envelope-from hawk@fac13.ds.psu.edu)
Received: from fac13.ds.psu.edu (localhost [127.0.0.1])
	by fac13.ds.psu.edu (8.11.3/8.11.3) with ESMTP id f4NNhjE37946;
	Wed, 23 May 2001 19:43:45 -0400 (EDT)
	(envelope-from hawk@fac13.ds.psu.edu)
Message-Id: <200105232343.f4NNhjE37946@fac13.ds.psu.edu>
X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4
To: Mark Yeck <y3k@gti.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: safely briding from internet to "localnet" 
In-Reply-To: Your message of "Wed, 23 May 2001 18:22:37 EDT."
             <XFMail.010523182237.y3k@gti.net> 
From: dochawk@psu.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 23 May 2001 19:43:44 -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

mark mentioned,

> whoa. i did this exact thing on monday. natd and ipfw are involved. also,
> recompiling the kernel and stuff. i followed the directions from 
> www.freebsdzine.org and it works great. I think it was the
> february issue. i'd send a link, but for some reason i cant reach it right
> now. Only problem I ran into was this, in the natd man page, it says to add
> "options IPFIREWALL" and "options IPDIVERT" to the kernel. i found that i had
> to use "option IPDIVERT" for some reason. 

> if you have any problems, let me know. that box is at work, so i can
> check stuff out tomorrow on it if you need help.

yep, I found that page too, and most of it was wonderful.  But that 
section just refers you on to natd, which is what I know absolutely 
nothing about.

When I added both of those to my kernel (and maybe I added the line in 
/etc/rc.firewall ?) I ended up with a kernel that couldn't handle the 
network at all.

If you can provide the ipfw/natd rules and where to put them, I'd
greatly appreciate it.

hawk

-- 
Prof. Richard E. Hawkins, Esq.                     /"\   ASCII ribbon campaign 
dochawk@psu.edu  Smeal 178  (814) 375-4700         \ /   against HTML mail
These opinions will not be those of                 X    and postings 
Penn State until it pays my retainer.              / \ 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message