Date: Fri, 6 Oct 2000 07:28:31 -0400 From: "Mike" <mikenoc@mindspring.net> To: <questions@FreeBSD.org> Subject: Natd not working properlly. Message-ID: <000801c02f88$8f01ee20$b400a8c0@atl.mediaone.net>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0005_01C02F67.0740D440 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello I am having problems getting natd to work correctly. I have BSD = running as=20 the server with 2 NIC cards one has the cable modem plugged into it. The = other is pluged into the HUB. I also have a Windows box plugged into the = hub. From the Windows box I asigned a private IP 192.168.0.5 and the = gateway as the private IP 192.168.0.1 that I asigned on my FreeBSD box = for the NIC going into the HUB. I also asigned the IP addresses for the = name servers in TCP/IP on the windows box. From the Windows Box I can ping the gateway 192.168.0.1 and I can also = ping the IP address asigned by my cable provider but I cannot ping past = that or get web pages. I used the web sight = http://www.mostgraveconcern.com/freebsd/ as a refference and below I = have the configuration from my box. If anyone has any sugestions I would = most apprecaite it. Thanks in advance, Mike F. ***** Kernel ****** options IPFIREWALL_DEFAULT_TO_ACCEPT #firewall options IPDIVERT #divert sockets options IPFIREWALL_VERBOSE #print information about #options "IPFIREWALL_VERBOSE_LIMIT=3D100" #limit verbosity options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN options TCP_RESTRICT_RST #restrict emission of TCP RST *** rc.conf **** gateway_enable=3D"YES" firewall_enable=3D"YES" # Set to YES to enable firewall = functionality firewall_script=3D"/etc/rc.firewall" # Which script to run to set up = the firewall firewall_type=3D"open" # Firewall type (see /etc/rc.firewall) firewall_quiet=3D"YES" # Set to YES to suppress rule display natd_program=3D"/sbin/natd" # path to natd, if you want a different = one. natd_enable=3D"YES" # Enable natd (if firewall_enable =3D=3D = YES). natd_interface=3D"ep0" # Public interface or IPaddress to use. natd_flags=3D"-f /etc/natd.conf" # Additional flags for natd. **** natd.conf ****** dynamic yes use_sockets yes same_ports yes **** IPFW **** bash# ipfw list 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65535 deny ip from any to any bash# ------=_NextPart_000_0005_01C02F67.0740D440 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content=3D"text/html; charset=3Diso-8859-1" = http-equiv=3DContent-Type> <META content=3D"MSHTML 5.00.2614.3500" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2> Hello I am having problems = getting natd to=20 work correctly. I have BSD running as </FONT></DIV> <DIV><FONT face=3DArial size=3D2>the server with 2 NIC cards one has the = cable modem=20 plugged into it. The other is pluged into the HUB. I also have a Windows = box=20 plugged into the hub. From the Windows box I asigned a private IP = 192.168.0.5 =20 and the gateway as the private IP 192.168.0.1 </FONT><FONT face=3DArial=20 size=3D2>that I asigned on my FreeBSD box for the NIC going into the = HUB. I also=20 asigned the IP addresses for the name servers in TCP/IP on the windows=20 box.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>From the Windows Box I can ping the = gateway=20 192.168.0.1 and I can also ping the IP address asigned by my cable = provider but=20 I cannot ping past that or get web pages. I used the web sight <A=20 href=3D"http://www.mostgraveconcern.com/freebsd/">http://www.mostgravecon= cern.com/freebsd/</A> as=20 a refference and below I have the configuration from my box. If anyone = has any=20 sugestions I would most apprecaite it.</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial=20 size=3D2> Thanks = in=20 advance,</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial=20 size=3D2> &nbs= p; =20 Mike F.</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2> ***** Kernel = ******</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial=20 size=3D2>options =20 IPFIREWALL_DEFAULT_TO_ACCEPT &nb= sp; =20 #firewall<BR>options =20 IPDIVERT  = ; =20 #divert sockets<BR>options =20 IPFIREWALL_VERBOSE #print information=20 about<BR>#options = "IPFIREWALL_VERBOSE_LIMIT=3D100" #limit=20 verbosity<BR>options =20 TCP_DROP_SYNFIN #drop TCP packets with=20 SYN+FIN<BR>options =20 TCP_RESTRICT_RST #restrict emission of TCP=20 RST</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2>*** rc.conf ****</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial=20 size=3D2>gateway_enable=3D"YES"<BR>firewall_enable=3D"YES" &nb= sp; =20 # Set to YES to enable firewall=20 functionality<BR>firewall_script=3D"/etc/rc.firewall" # Which = script to run=20 to set up the=20 firewall<BR>firewall_type=3D"open" # = Firewall=20 type (see=20 /etc/rc.firewall)<BR>firewall_quiet=3D"YES" = =20 # Set to YES to suppress rule = display<BR>natd_program=3D"/sbin/natd" # path=20 to natd, if you want a different=20 one.<BR>natd_enable=3D"YES" &nbs= p; =20 # Enable natd (if firewall_enable =3D=3D=20 YES).<BR>natd_interface=3D"ep0" # = Public=20 interface or IPaddress to use.<BR>natd_flags=3D"-f /etc/natd.conf" = #=20 Additional flags for natd.<BR></FONT></DIV> <DIV><FONT face=3DArial size=3D2>**** natd.conf ******</FONT></DIV> <DIV><FONT face=3DArial size=3D2><BR>dynamic yes<BR>use_sockets = yes<BR>same_ports=20 yes</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2>**** IPFW ****</FONT></DIV> <DIV><FONT face=3DArial size=3D2><BR>bash# ipfw list<BR>00100 allow ip = from any to=20 any via lo0<BR>00200 deny ip from any to 127.0.0.0/8<BR>65000 allow ip = from any=20 to any<BR>65535 deny ip from any to any<BR>bash#<BR></FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2> </DIV></FONT> <DIV><FONT face=3DArial size=3D2></FONT> </DIV></BODY></HTML> ------=_NextPart_000_0005_01C02F67.0740D440-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000801c02f88$8f01ee20$b400a8c0>