From owner-freebsd-questions  Sun Jan  2  6:34:47 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mailhub1.ncal.verio.com (mailhub1.ncal.verio.com [204.247.247.38])
	by hub.freebsd.org (Postfix) with ESMTP id A2B5714E48
	for <freebsd-questions@freebsd.org>; Sun,  2 Jan 2000 06:34:45 -0800 (PST)
	(envelope-from ericdano@ncal.verio.com)
Received: from shell1.ncal.verio.com (ericdano@shell1.ncal.verio.com [204.247.248.254])
	by mailhub1.ncal.verio.com (8.8.8+Sun/8.8.7) with ESMTP id GAA29434
	for <freebsd-questions@freebsd.org>; Sun, 2 Jan 2000 06:34:45 -0800 (PST)
Received: from localhost (ericdano@localhost)
	by  shell1.ncal.verio.com (8.8.7/8.8.7) with ESMTP id GAA12081
	for <freebsd-questions@freebsd.org>; Sun, 2 Jan 2000 06:34:42 -0800 (PST)
X-Authentication-Warning: shell1. ncal.verio.com: ericdano owned process doing -bs
Date: Sun, 2 Jan 2000 06:34:42 -0800 (PST)
From: Eric Dannewitz <ericdano@ncal.verio.com>
To: freebsd-questions@freebsd.org
Subject: natd problems
Message-ID: <Pine.GSO.4.05.10001020629330.11940-100000@shell1>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Ok, well, my Linux box that was doing NAT decided to kill itself for the
next
century. So, I decided I'd start the new year off right and jump into
FreeBSD
3.2.

Now, I have compiled the kernel to support IPFIREWALL and IPDIVERT.
my rc.firewall file looks like:
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via xl1
/sbin/ipfw add pass all from any to any

I added 
natd 8668/divert

to my /etc/services

and my rc.conf file has the following:

ifconfig_lo0="inet 127.0.0.1"   
ifconfig_lx1="inet 216.38.135.133 netmask 255.255.255.240"
defaultrouter="216.38.135.129"
network_interfaces="xl1 xl0 lo0"        
ifconfig_lx0="inet 192.168.1.1 netmask 255.255.255.0"
firewall_enable="YES"           
firewall_script="/etc/rc.firewall" 
gateway_enable="YES"            
natd_program="/sbin/natd"       
natd_enable="YES"                
natd_interface="216.38.135.133"          
natd_flags=""                   # Additional flags for natd.
tcp_extensions="NO"             

And finally my network cards are:
routy# ifconfig -a
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:10:4b:31:2d:60
        media: 10base2/BNC
        supported media: 10base2/BNC 10base5/AUI 10baseT/UTP <full-duplex>
        10baseT/UTP <half-duplex> 10baseT/UTP
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 216.38.135.133 netmask 0xfffffff0 broadcast 216.38.135.143
        ether 00:10:5a:1e:3c:64
        media: 10baseT/UTP <half-duplex>
        supported media: autoselect 100baseTX <full-duplex> 100baseTX
        <half-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP
        <half-duplex> 10baseT/UTP
tun0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000

Any ideas? The config's external interface card works, but the internal
one is all messed up............



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message