Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 5 May 1997 13:54:34 +0200 (MET DST)
From:      Robert Eckardt <roberte@mep.ruhr-uni-bochum.de>
To:        hendra@unix.ukdw.ac.id (Hendra Sentono)
Cc:        questions@FreeBSD.ORG
Subject:   Re: Can't get reply when pinging from inside network
Message-ID:  <199705051154.NAA03435@beta.mep.ruhr-uni-bochum.de>
In-Reply-To: <Pine.BSF.3.91.970505153956.10770A-100000@unix.ukdw.ac.id> from Hendra Sentono at "5. May. 97 15:51:50"
next in thread | previous in thread | raw e-mail | index | archive | help 
> 
> Our BSD 2.1.5-RELEASE configured as a gateway and firewall.
> It is installed with 2 network cards and configured to be able to
> give Internet connection for the inside network (with one NIC, the
> other NIC is connected to the Internet via VSAT connection)
> 
> # parts of sysconfig
> router="routed"
> gateway=YES
> firewall=YES
> 
> The problem is when a computer from the inside network try to ping
> any Internet address (such as www.yahoo.com), it can recognize the
> IP address, but it receives 'Request time out' message.
> 
> Most of our inside network computers are Win95 with TCP/IP installed,
> DNS enabled (we configure the BSD machine as name server, too).
> 
> In this situation our inside computers can't ftp-ing any outside
> sites (but it can ftp-ing the BSD machine and also some other BSD
> machines that have the same position/connected to the Internet
> directly as the former)
> 
> Is the configuration false? Is there something wrong with TCP/IP
> utilities (ftp, ping, etc) in Win95?
> (please note that our knowledge about what exactly a firewall/gateway
> in BSD term is just a little)

Did you enable IPFIREWALL in your kernel config file ?
(I think so.)
You have to define the rules which IP packages are allowed to pass
in and out.
The default in 2.1.5 (and ff) is to deny any packets.

Start with /etc/rc.firewall and ipfw(8).

Robert
> Hendra Sentono				| hendra@students.ukdw.ac.id

-- 
Dr. Robert Eckardt                                                 (
    Ruhr-Universitaet Bochum, Inst.f.Theor.Physik, NB6/169          )
    Universitaetsstrasse 150,   D-44780 Bochum,    Germany     ----X---8----
    Telefon: +49 234 700-3709,   Telefax: +49 234 7094-574             8
    E-Mail:  RobertE@MEP.Ruhr-Uni-Bochum.de                    --------8----
    URL:  http://WWW.MEP.Ruhr-Uni-Bochum.de/~roberte
>>> A magician never reveals his secret:  the unbelievable trick becomes <<<
>>>                             simple and obvious once it is explained. <<<

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705051154.NAA03435>