Date: 14 Mar 2001 09:46:06 MST
From: Tymanthius Rune Speak <tymanthius@usa.net>
To: David Preece <davep@afterswish.com>, Tymanthius Rune Speak <tymanthius@usa.net>
Cc: freebsd-questions@freebsd.org
Subject: Re: More NATD/IPFW woes . . .
Message-ID: <20010314164606.9982.qmail@nwcst333.netaddress.usa.net>

Ok, went back and re-compiled the kernel again the 'right' way for this setup.
ed0, ed1
options IPFIREWALL
options IPDIVERT
I'm using the 'wide-open' firewall for testing.
/sbin/ipfw -f flush
" add divert natd all from any to any via ed1 #ed1 is to my INTERNAL net
" add pass all from any to any
This will allow my bsd box to get onto the internet (external). If I change
line 2 to 'via ed0' it will allow bsd box to get on internal net. But nothing
w/ this config will allow the bsd box to work on both nets at once!!
Below are outputs of ifconfig -a, ipfw show, ps ax as requested.

ps.txt:
PID TT STAT TIME COMMAND
0 ?? DLs 0:00.38 (swapper)
1 ?? ILs 0:00.23 /sbin/init --
2 ?? DL 0:02.03 (pagedaemon)
3 ?? DL 0:00.00 (vmdaemon)
4 ?? DL 0:00.64 (bufdaemon)
5 ?? DL 0:14.03 (syncer)
38 ?? Is 0:00.01 adjkerntz -i
105 ?? Ss 0:03.25 syslogd -s
108 ?? Is 0:00.02 /usr/sbin/portmap
118 ?? I 0:00.01 nfsd: server (nfsd)
119 ?? I 0:00.01 nfsd: server (nfsd)
120 ?? I 0:00.01 nfsd: server (nfsd)
121 ?? I 0:00.01 nfsd: server (nfsd)
126 ?? I 0:00.00 nfsiod -n 4
127 ?? I 0:00.00 nfsiod -n 4
128 ?? I 0:00.00 nfsiod -n 4
129 ?? I 0:00.00 nfsiod -n 4
147 ?? Is 0:00.25 inetd -wW
149 ?? Ss 0:03.79 cron
152 ?? Is 0:00.06 /usr/sbin/lpd
155 ?? Is 0:04.79 sendmail: accepting connections (sendmail)
174 ?? Is 0:00.03 moused -p /dev/cuaa0 -t auto
205 ?? Ss 0:17.78 /usr/local/sbin/httpd
210 ?? I 0:00.03 /usr/local/sbin/httpd
211 ?? I 0:00.04 /usr/local/sbin/httpd
212 ?? I 0:00.03 /usr/local/sbin/httpd
213 ?? I 0:00.03 /usr/local/sbin/httpd
214 ?? I 0:00.03 /usr/local/sbin/httpd
232 ?? S 0:01.61 /usr/local/sbin/mgetty cuaa1
239 v0 Ss 0:02.14 -csh (csh)
1324 v0 R+ 0:00.01 ps ax
225 v1 Is+ 0:00.14 /usr/libexec/getty Pc ttyv1
226 v2 Is+ 0:00.13 /usr/libexec/getty Pc ttyv2
227 v3 Is+ 0:00.16 /usr/libexec/getty Pc ttyv3
228 v4 Is+ 0:00.14 /usr/libexec/getty Pc ttyv4
229 v5 Is+ 0:00.13 /usr/libexec/getty Pc ttyv5
230 v6 Is+ 0:00.14 /usr/libexec/getty Pc ttyv6
231 v7 Is+ 0:00.12 /usr/libexec/getty Pc ttyv7

ifconfig.txt:
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 206.27.134.246 netmask 0xffffff00 broadcast 206.27.134.255
        inet6 fe80::240:5ff:fe60:803%ed0 prefixlen 64 scopeid 0x2
        ether 00:40:05:60:08:03
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
        inet6 fe80::240:5ff:fe60:803%ed1 prefixlen 64 scopeid 0x3
        ether 00:40:05:60:08:03
faith0: flags=8000<MULTICAST> mtu 1500
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif2: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif3: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552

ipfw.txt:
00100 211 18144 divert 8668 ip from any to any via ed1
00200 34 3625 allow ip from any to any
65535 449 51264 deny ip from any to any
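
Added example, not part of the original message and not FreeBSD's own tooling: a Python check over the three outputs posted above. It flags a divert rule when no natd process appears in the ps listing (ipfw(8) drops diverted packets when no socket is bound to the divert port) and, as a heuristic, when the rule's interface carries only private addresses. The function names and finding labels are assumptions, and the embedded text is a trimmed copy of the posted outputs.

```python
import ipaddress
import re

# Constructed sample input: trimmed copies of the three outputs in the message.
IPFW_SHOW = """\
00100 211 18144 divert 8668 ip from any to any via ed1
00200 34 3625 allow ip from any to any
65535 449 51264 deny ip from any to any
"""
IFCONFIG = """\
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 206.27.134.246 netmask 0xffffff00 broadcast 206.27.134.255
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
"""
PS_AX = """\
147 ?? Is 0:00.25 inetd -wW
205 ?? Ss 0:17.78 /usr/local/sbin/httpd
"""

def iface_addrs(ifconfig_text):
    """Map interface name -> IPv4 addresses parsed from `ifconfig -a` output."""
    addrs, current = {}, None
    for line in ifconfig_text.splitlines():
        head = re.match(r"(\w+): flags=", line)
        inet = re.match(r"\s*inet (\d+\.\d+\.\d+\.\d+)", line)
        if head:
            current = addrs.setdefault(head.group(1), [])
        elif inet and current is not None:
            current.append(ipaddress.ip_address(inet.group(1)))
    return addrs

def check_divert(ipfw_text, ifconfig_text, ps_text):
    """Return (rule, finding) pairs for every divert rule in `ipfw show` output."""
    addrs = iface_addrs(ifconfig_text)
    natd_up = re.search(r"(^|[\s/])natd(\s|$)", ps_text, re.M) is not None
    findings = []
    for line in ipfw_text.splitlines():
        rule = re.match(r"(\d+)\s+\d+\s+\d+\s+divert\s+\S+", line)
        if not rule:
            continue
        if not natd_up:  # ipfw(8): diverted packets are dropped if no socket is bound
            findings.append((rule.group(1), "no-natd-process"))
        via = re.search(r"\bvia\s+(\w+)", line)
        ips = addrs.get(via.group(1), []) if via else []
        if ips and all(ip.is_private for ip in ips):  # heuristic: inside interface
            findings.append((rule.group(1), "divert-on-private-iface"))
    return findings
print(check_divert(IPFW_SHOW, IFCONFIG, PS_AX))
```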
