From: Brian Budnick
To: freebsd-questions@freebsd.org
Date: Fri, 19 Feb 1999 20:59:23 -0700 (MST)
Subject: rules and natd

I have my kernel compiled with the following:

    options IPFIREWALL
    options IPFIREWALL_VERBOSE
    options IPDIVERT

I have FIREWALL=ENABLED, TYPE=simple, but have been having nothing but problems. I just want a very simple ruleset that basically will allow me to just use the Firewall so basically no one can reach our internal computers by ping. I really want just an open system but I can't seem to get anything I want to work.

When I try to access the web from one of my machines that is on the fake network of 10.0.0.0 (machine ip of: 10.0.0.3) it's very very very slow. It takes sometimes up to 3 minutes to load a page and I'm connected on a T1. I can't figure out what is going on?

I have two ethernet cards as follows:

    ed1: ip: 209.90.111.199 netmask: 255.255.255.192 network 209.90.111.192 (Internet Subnet)
    pn0: ip: 10.0.0.1 netmask: 255.255.255.0 network 10.0.0.0 (Fake Network behind Firewall)

What would my ruleset need to look like in order to get it to work? I'm using FreeBSD 3.1 and the default doesn't seem to work for me.

I would appreciate any help that anyone can give me.

Brian