Date: Thu, 23 Jun 2005 14:20:30 +0200 From: =?ISO-8859-1?Q?Bj=F6rn_K=F6nig?= <bkoenig@cs.tu-berlin.de> To: Peter <peterpub1@aboutsupport.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Simple ipfw problem :( Message-ID: <42BAA90E.3060309@cs.tu-berlin.de> In-Reply-To: <42BAA0A9.3090808@aboutsupport.com> References: <42BAA0A9.3090808@aboutsupport.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter wrote: > with my old linux box I forward all my LAN traffic coming from eth1 via > eth0 with these simple 3 lines > > $IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE > $IPTABLES -A FORWARD -i $LAN_IFACE -j ACCEPT > $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT > > Howevr I moved the box to FreeBSD 5.4 and also I have a new connection > PPPoE. I enabled the IPDIVERRT, FIRREWALL etc in the kernel but I am > unable to make traffic coming from rl0(internal interface) be forwaded > via tun0( PPPoE interface). > > I have gateway_enable='yes', tried playing with ppp_nat etc... > > But no luck.... > > Is there a simple way to do that with ipfw ? Please help - I am little > bit confused... Actually you don't need ipfw or any other packet filter to set up a simple internet access point for clients in a LAN. This configuration should be enough: ---- ppp.conf ---- myisp: set device PPPoE:<interface> set log Phase IPCP CCP Warning Error Alert add! default HISADDR set authname <username> set authkey <password> ---- Note: <interface> is your external network interface, i.e. neither rl0 nor tun0. ---- rc.conf ---- gateway_enable="YES" # "sysctl net.inet.ip.forwarding=1" at startup ppp_enable="YES" ppp_mode="ddial" ppp_profile="myisp" ppp_nat="YES" # alternatively "nat enable yes" in ppp.conf ---- I hope I didn't forget about something. Björn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42BAA90E.3060309>