From owner-freebsd-questions Sat Mar 4 10:40: 7 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.mia.bellsouth.net (mail1.mia.bellsouth.net [205.152.16.13]) by hub.freebsd.org (Postfix) with ESMTP id 794D637B73A for ; Sat, 4 Mar 2000 10:40:01 -0800 (PST) (envelope-from phastnet@bellsouth.net) Received: from mach2.mia.bellsouth.net (adsl-61-8-25.mia.bellsouth.net [208.61.8.25]) by mail1.mia.bellsouth.net (3.3.5alt/0.75.2) with SMTP id NAA05268; Sat, 4 Mar 2000 13:38:53 -0500 (EST) Message-ID: <005301bf8608$de8ff560$02ac14ac@mia.bellsouth.net> From: "Phastnet" To: Cc: References: <200003032114.KAA66048@ducky.nz.freebsd.org> Subject: Re: switch from natd to ipnat Date: Sat, 4 Mar 2000 13:37:18 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thanks for the help! I now have it working great! Active FTP's work perfectly now :) Your website helped a ton, but I did notice one thing you MIGHT want to change on your site. When I was reading on your page how to setup ipfilter (http://www.freebsddiary.org/ipfilter334.html), you said to "Remember to add kernel support for ipnat before recompiling." So I added "options IPFILTER" like you say to do on your ipnat page, then went back to install ipfilter. When I did step #3: run "FreeBSD-3/ kinstall" , it asked if it could modify MYKERNEL for me. I allowed it to do it, then went and checked what it did. The only thing I could find changed was the addition of 2 more lines: options IPFILTER options IPFILTER_LOG the line I added for ipnat was also still there, so I just deleted it since it was now a duplicate. I rebuilt the kernel, rebooted, and everything worked sweet after I ran "ipnat -f /etc/ipnat.conf". I didn't run "ipf -f /etc/ipf.conf", because everything started working without it. Should I be running that too? I haven't setup my rules yet, maybe this is why I don't notice anything wrong yet? anyways, I converted from using ipfw/natd to this setup, which is what other people probably do too their first time, so I wanted to know what I could remove so that ipfw/natd isn't activated anymore. Here's what I did: removed the natd options from rc.conf this stopped natd from working, but in the dmesg, I still saw alot of stuff from ipfw. So, I looked up in "The Complete FreeBSD" what I did to enable natd to begin with. I removed these 2 options from MYKERNEL and rebuilt it: options IPFIREWALL options IPDIVERT I was afraid ipf/ipnat might need these, but it all appears to still work fine! and the dmesg output looks better now. Did I do it all right? Is there anything else I can remove from the old ipfw/natd setup? Thanks again for your help!! Shawn M. phastnet.com ----- Original Message ----- From: Dan Langille To: Phastnet Cc: Sent: Friday, March 03, 2000 4:14 PM Subject: Re: switch from natd to ipnat > On 3 Mar 00, at 13:56, Phastnet wrote: > > > Hi, I am currently using natd to share a dsl connection to my network. It > > works pretty good, but alot of things don't work right (such as active FTP, > > ICQ behaves strange, etc.). I was searching dejanews on how to solve the > > ICQ problems, and found out people were saying that ipnat does things alot > > better than natd, including active ftp and ICQ. So I have read everything > > I can find about ipnat, and want to use it. My problem is, I can't find any > > instructions on how to get it installed! I am running 3.4-RELEASE, and > > from what the ipnat docs say, it should be included. It even appears to be > > installed, but whenever I try to run it, I get Device not configured > > errors. I'm sure this just means that I don't have something configured > > right, but I can't find any help on how to do the initial setup, just > > instructions on how to setup rules, mapping, etc. > > Try the ipfilter home page (a link from my page below). You might also > want to see how I set up ipnat. > > http://www.freebsddiary.org/natrules.html > > If the above doesn't work, please let me know and I'll update the page. > -- > Dan Langille - DVL Software Limited [I'm looking for more work] > http://www.dvl-software.com/ | http://www.unixathome.org/ > http://www.racingsystem.com/ | http://www.freebsddiary.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message