Date: Sat, 30 Sep 2000 15:51:25 +0200 (CEST) From: Janko van Roosmalen <janko@compuserve.com> To: James Gorham <james@veldt.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Help! IPFW Problems(update) Message-ID: <Pine.BSF.4.10.10009301516480.438-100000@parmenides.utp.net> In-Reply-To: <p05001900b5fae7ab8c84@[192.168.1.2]>
next in thread | previous in thread | raw e-mail | index | archive | help
My flags for natd are: natd_flags="-dynamic -use_sockets -same_ports" as stated in the ipfw page at www.mostgraveconcern.com/freebsd, BTW did you configure the lan boxes to use the FreeBSD box as their gateway? ===Janko van Roosmalen - Vught - Netherlands=== On Fri, 29 Sep 2000, James Gorham wrote: > > Ok, I recompiled the kernel and it seems to be working better. I > still get the IP_FW errors that I described before, but I can now > ping out to the world from the FreeBSD box without getting the > sendto: permission denied errors. I'm thinking I need some more > tweaking on rc.conf and things will start to shape up. I'm going to > paste my rc.conf here (with IPs changed), my public interface is dc0, > the LAN interface is de0. > > The LAN machines are set to use 192.168.1.1 as their router, and > appear to be able to lookup names (they also use 192.168.1.1 as the > nameserver), can get to the machine itself, but can't get out to the > internet. > > The errors I mentioned about IP_FW are as follows: > > 0050 divert 8668 ip from any to any via dc0 > ipfw: setsockopt(IP_FW_ADD): Invalid argument > > 00100 allow ip from any to any via lo0 > ipfw: setsockopt(IP_FW_ADD): Invalid argument > > 00200 deny ip from any to 127.0.0.0/8 > ipfw: setsockop(IP_FW-AD): Invalid Argument > > 65000 allow ip from any to any > ipfw: setsockopt(IP_FW_ADD): Invalid argument > > I'm thinking this is still a problem with my rc.conf settings, just > can't quite figure out what. I haven't ever touched rc.firewall, so I > can't think that would be it. > > -j > > > # This file now contains just the overrides from /etc/defaults/rc.conf > # please make all changes to this file. > > # -- sysinstall generated deltas -- # > ifconfig_dc0="inet 216.128.57.99 netmask 255.255.255.0" > ifconfig_de0="inet 192.168.1.1 netmask 255.255.255.0" > hostname="autobot.veldt.com" > moused_port="/dev/cuaa0" > moused_type="intellimouse" > moused_enable="YES" > > firewall_enable="YES" > firewall_type="open" > > defaultrouter="216.128.57.254" > sshd_enable="YES" > natd_enable="YES" > natd_program="/sbin/natd" > natd_interface="dc0" > #natd_interface="216.128.57.99" > #ifconfig_dc0_alias0="inet 192.168.1.1 netmask 255.255.255.0" > ntpdate_enable="YES" > ntpdate_flags="time.apple.com" > xntpd_enable="YES" > named_enable="YES" > gateway_enable="YES" > #natd_flags="-redirect_port tcp 192.168.1.2:1200-1300 1200-1300" > #natd_flags="-redirect_port tcp 192.168.1.2:5190 5190" > #natd_flags="-a 216.128.57.99" > natd_flags="-log" > tcp_extensions="YES" > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10009301516480.438-100000>