Date:      Wed, 20 Dec 2000 18:13:26 -0800 (PST)
From:      sefkan <sefkan@tr909.trackstar.org>
To:        <questions@freebsd.org>
Subject:   Help: Firewall w/ dynamic ip
Message-ID:  <Pine.LNX.4.30.0012201802350.8360-100000@tr909.trackstar.org>

Hello,

I need some help setting up a basic firewall (using /etc/rc.firewall
and /etc/rc.conf).

Here's what I have:

1) Modem connection to internet with dynamic ip (external serial modem).
2) Network card to internal network set to ip address 192.168.0.1
   (NE2000/ Linksys Card detected as "dc0" in FreeBSD)

Also, I'm using "nat(d)", so my modem becomes "tun0".

ifconfig yields:
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
        ether 00:a0:cc:e4:1f:56
        media: autoselect (100baseTX) status: active
        supported media: autoselect 100baseTX <full-duplex> 100baseTX
10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX <hw-loopback> none
ds0: flags=8008<LOOPBACK,MULTICAST> mtu 65532
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 63.166.51.125 --> 216.111.111.5 netmask 0xffffff00
        Opened by PID 7737


I have modified /etc/rc.conf to include:
firewall_enable="YES"

and I have tried:
firewall_type="simple"
firewall_type="client"

////////////////////////////////////////
In the /etc/rc.firewall file I have not been able to figure
out the following:

...
[Cc][Ll][Ii][Ee][Nn][Tt])

        # set these to your network and netmask and ip
        #net="192.0.2.0"
        #mask="255.255.255.0"
        #ip="192.0.2.1"
        net="216.111.111.5"     # internal network?
        mask="255.255.255.0"    #
        ip="63.166.51.125"              # get from "ifconfig" output?
...

...
[Ss][Ii][Mm][Pp][Ll][Ee])
...
        # set these to your outside interface network and netmask and ip
        #oif="ed0"
        #onet="192.0.2.0"
        #omask="255.255.255.240"
        #oip="192.0.2.1"

and this does not work:

        oif="tun0"                      # tun0 ?
        onet="63.166.51.125"            # ?
        omask="255.255.255.240"         # ? 255.255.255.0 ?
        oip="216.111.111.5"                     # what?

...


Any help would be greatly appreciated.
Thanks in advance,
-Sefkan

PS
Please reply directly to "sefkan@tr909.trackstar.org" if possible :)
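
Added example (not part of the original message and not code from FreeBSD's rc.firewall): a shell helper that derives oif/onet/omask/oip values from ifconfig output, so they can be recomputed whenever the dial-up address changes. It assumes, following the rc.firewall comment quoted above ("outside interface network and netmask and ip"), that oip is the local address on the outside interface and onet/omask describe that interface's network; the function names and the embedded sample are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: two stanzas in the format shown in the message above.
SAMPLE_IFCONFIG='lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 63.166.51.125 --> 216.111.111.5 netmask 0xffffff00
        Opened by PID 7737'

# hex_to_dotted 0xffffff00 -> 255.255.255.0 (ifconfig prints masks in hex)
hex_to_dotted() {
    h=${1#0x}
    case $h in ''|*[!0-9a-fA-F]*) return 1 ;; esac
    n=$((0x$h))
    echo "$(( ($n >> 24) & 255 )).$(( ($n >> 16) & 255 )).$(( ($n >> 8) & 255 )).$(( $n & 255 ))"
}

# network_of IP MASK -> network address (bitwise AND, octet by octet)
network_of() {
    oldifs=$IFS; IFS=.
    set -- $1 $2
    IFS=$oldifs
    [ $# -eq 8 ] || return 1
    echo "$(( $1 & $5 )).$(( $2 & $6 )).$(( $3 & $7 )).$(( $4 & $8 ))"
}

# derive_outside_vars IFACE < ifconfig-output
# Prints shell assignments; fails if the interface has no inet address yet.
derive_outside_vars() {
    iface=$1
    line=$(awk -v i="$iface:" '
        /^[^ \t]/ { in_if = ($1 == i) }       # stanza header, e.g. "tun0:"
        in_if && $1 == "inet" { print; exit }')
    [ -n "$line" ] || return 1
    set -- $line
    oip=$2                                    # local end of the link
    # Point-to-point form: inet LOCAL --> PEER netmask 0x...
    if [ "$3" = "-->" ]; then hexmask=$6; else hexmask=$4; fi
    omask=$(hex_to_dotted "$hexmask") || return 1
    onet=$(network_of "$oip" "$omask") || return 1
    printf 'oif="%s"\nonet="%s"\nomask="%s"\noip="%s"\n' "$iface" "$onet" "$omask" "$oip"
}

# Stand-alone run on the constructed sample.
printf '%s\n' "$SAMPLE_IFCONFIG" | derive_outside_vars tun0
```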
