From owner-freebsd-questions  Wed Mar 14  8:46:17 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from nwcst333.netaddress.usa.net (nwcst333.netaddress.usa.net [204.68.23.78])
	by hub.freebsd.org (Postfix) with SMTP id 58AE637B718
	for <freebsd-questions@freebsd.org>; Wed, 14 Mar 2001 08:46:11 -0800 (PST)
	(envelope-from tymanthius@usa.net)
Received: (qmail 9983 invoked by uid 60001); 14 Mar 2001 16:46:06 -0000
Message-ID: <20010314164606.9982.qmail@nwcst333.netaddress.usa.net>
Received: from 204.68.23.78 by nwcst333 for [206.27.134.197] via web-mailer() on Wed Mar 14 16:46:06 GMT 2001
Date: 14 Mar 2001 09:46:06 MST
From: Tymanthius Rune Speak <tymanthius@usa.net>
To: David Preece <davep@afterswish.com>,
	Tymanthius Rune Speak <tymanthius@usa.net>
Subject: Re: More NATD/IPFW woes . . . 
Cc: freebsd-questions@freebsd.org
X-Mailer: USANET web-mailer ()
Mime-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----NetAddressPart-00--=_NqUg9136S337a36482e"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

This is a multi-part message in MIME format.

------NetAddressPart-00--=_NqUg9136S337a36482e
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

Ok, went back an re-compiled the kernel again the 'right' way for this se=
tup.

ed0, ed1
options IPFIREWALL =

options IPDIVERT

I'm using the 'wide-open' firewall for testing.

/sbin/ipfw -f flush
     "     add divert natd all from any to any via ed1 #ed1 is to my INTE=
RNAL
net
     "     add pass all from any to any

This will allow my bsd box to get onto the internet (external).  If I cha=
nge
line 2 to 'via ed0' it will allow bsd box to get on internal net.  But no=
thing
w/ this config will allow the bsd box to work on both nets at once!!

Below are outputs of ifconfig -a, ipfw show, ps ax as requested.




____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=3D=
1

------NetAddressPart-00--=_NqUg9136S337a36482e
Content-Type: text/plain; name="ps.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="ps.txt"

  PID  TT  STAT      TIME COMMAND
    0  ??  DLs    0:00.38  (swapper)
    1  ??  ILs    0:00.23 /sbin/init --
    2  ??  DL     0:02.03  (pagedaemon)
    3  ??  DL     0:00.00  (vmdaemon)
    4  ??  DL     0:00.64  (bufdaemon)
    5  ??  DL     0:14.03  (syncer)
   38  ??  Is     0:00.01 adjkerntz -i
  105  ??  Ss     0:03.25 syslogd -s
  108  ??  Is     0:00.02 /usr/sbin/portmap
  118  ??  I      0:00.01 nfsd: server (nfsd)
  119  ??  I      0:00.01 nfsd: server (nfsd)
  120  ??  I      0:00.01 nfsd: server (nfsd)
  121  ??  I      0:00.01 nfsd: server (nfsd)
  126  ??  I      0:00.00 nfsiod -n 4
  127  ??  I      0:00.00 nfsiod -n 4
  128  ??  I      0:00.00 nfsiod -n 4
  129  ??  I      0:00.00 nfsiod -n 4
  147  ??  Is     0:00.25 inetd -wW
  149  ??  Ss     0:03.79 cron
  152  ??  Is     0:00.06 /usr/sbin/lpd
  155  ??  Is     0:04.79 sendmail: accepting connections (sendmail)
  174  ??  Is     0:00.03 moused -p /dev/cuaa0 -t auto
  205  ??  Ss     0:17.78 /usr/local/sbin/httpd
  210  ??  I      0:00.03 /usr/local/sbin/httpd
  211  ??  I      0:00.04 /usr/local/sbin/httpd
  212  ??  I      0:00.03 /usr/local/sbin/httpd
  213  ??  I      0:00.03 /usr/local/sbin/httpd
  214  ??  I      0:00.03 /usr/local/sbin/httpd
  232  ??  S      0:01.61 /usr/local/sbin/mgetty cuaa1
  239  v0  Ss     0:02.14 -csh (csh)
 1324  v0  R+     0:00.01 ps ax
  225  v1  Is+    0:00.14 /usr/libexec/getty Pc ttyv1
  226  v2  Is+    0:00.13 /usr/libexec/getty Pc ttyv2
  227  v3  Is+    0:00.16 /usr/libexec/getty Pc ttyv3
  228  v4  Is+    0:00.14 /usr/libexec/getty Pc ttyv4
  229  v5  Is+    0:00.13 /usr/libexec/getty Pc ttyv5
  230  v6  Is+    0:00.14 /usr/libexec/getty Pc ttyv6
  231  v7  Is+    0:00.12 /usr/libexec/getty Pc ttyv7
------NetAddressPart-00--=_NqUg9136S337a36482e
Content-Type: text/plain; name="ifconfig.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="ifconfig.txt"

lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 206.27.134.246 netmask 0xffffff00 broadcast 206.27.134.255
	inet6 fe80::240:5ff:fe60:803%ed0 prefixlen 64 scopeid 0x2 
	ether 00:40:05:60:08:03 
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
	inet6 fe80::240:5ff:fe60:803%ed1 prefixlen 64 scopeid 0x3 
	ether 00:40:05:60:08:03 
faith0: flags=8000<MULTICAST> mtu 1500
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif2: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif3: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 
	inet6 ::1 prefixlen 128 
	inet 127.0.0.1 netmask 0xff000000 
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
------NetAddressPart-00--=_NqUg9136S337a36482e
Content-Type: text/plain; name="ipfw.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="ipfw.txt"

00100 211 18144 divert 8668 ip from any to any via ed1
00200  34  3625 allow ip from any to any
65535 449 51264 deny ip from any to any

------NetAddressPart-00--=_NqUg9136S337a36482e--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message