From owner-freebsd-questions@FreeBSD.ORG Mon Nov 29 16:09:26 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E395410656AA for ; Mon, 29 Nov 2010 16:09:26 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) by mx1.freebsd.org (Postfix) with ESMTP id 604248FC2C for ; Mon, 29 Nov 2010 16:09:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id oATG9Ol4019480; Tue, 30 Nov 2010 03:09:24 +1100 (EST) (envelope-from smithi@nimnet.asn.au) Date: Tue, 30 Nov 2010 03:09:24 +1100 (EST) From: Ian Smith To: Lokadamus In-Reply-To: <20101129052727.7028310656EF@hub.freebsd.org> Message-ID: <20101130015913.W47536@sola.nimnet.asn.au> References: <20101129052727.7028310656EF@hub.freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: Lamac Lamaco , freebsd-questions@freebsd.org Subject: Re: gateway_enable="NO" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Nov 2010 16:09:27 -0000 In freebsd-questions Digest, Vol 339, Issue 1, Message: 20 On Mon, 29 Nov 2010 01:40:21 +0100 Lokadamus wrote: > Am 25.11.2010 05:38, schrieb Lamac Lamaco: > > The system installed now and in adresses /etc or /etc/rc.d there is no > > script. > > Does system work in default as ROUTER? > > I ask this question, because i tried it works. > > As it is written "gateway_enable="NO" # Set to YES if this host will be a > > gateway" in the address -> /etc/defaults/rc.conf > > But if I write gateway_enable="NO" in the address /etc/rc.conf , my > > system will work in as ROUTER. I say this because the host in my system's > > local network can ping my system's global IP. As i know it can be only in > > ROUTER. No, being able to ping any address on any interface on a system is not the same as being able to route packets elsewhere through that system. Only specific firewall rules would prevent that, if you had some need to deny inside net hosts access to some service/s bound to your outside IP. If a local network host can ping anywhere outside through your system, then it's acting as a gateway aka router for that host; not otherwise. > > Thanks. No worries. > No, in default FreeBSD isn't working as a router. Right. > Look with sysctl at: > net.inet.ip.fw.default_to_accept > When is it set to 1, FreeBSD is working as a router, with a value of 0 > it doesn't work as a router. Wrong; sysctl net.inet.ip.fw.default_to_accept has nothing to do with this; gateway_enable=YES causes setting sysctl net.inet.ip.forwarding=1 > Look with tcpdump where networktraffic is going. > > http://www.freebsd.org/doc/handbook/network-routing.html Good advice. cheers, Ian