From: David J Brooks
To: freebsd-questions@freebsd.org
Date: Fri, 14 Apr 2006 23:22:40 -0500
Subject: Re: ipfw acting strange

On Friday 14 April 2006 23:14, David J Brooks wrote:
> I'm stumped.
>
> This afternoon I upgraded the outward facing NIC on my gateway, with a
> corresponding device name change from rl0 to fxp1. I have edited rc.conf to
> reflect the change and made what I thought were the appropriate changes to
> rc.firewall. On bootup the console displays the corrected rule-set loading:
>
> 00050 divert 8668 ip from any to any via fxp0

err.. typo here.. the correct rule refers to fxp1, and that is how it appears
at boot time. After login it appears as rl0.

> but when I log in and type 'ipfw list' the rule shows up as:
>
> 00050 divert 8668 ip from any to any via rl0
>
> As a result, the other machines on the LAN cannot access the internet.
>
> For the life of me I cannot figure out where the old NIC is being read into
> the rule-set.
>
> Here are the relevant lines from rc.conf:
>
> firewall_enable="YES"
> firewall_type="open" # only temporary. :)
> firewall_script="/etc/rc.firewall" # should be default anyway
>
> gateway_enable="YES"
> hostname="fuzzy.home.net"
>
> ifconfig_fxp1="DHCP"
> ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"
> natd_enable="YES"
> natd_interface="fxp1"
> natd_flags="-dynamic -m"
>
> David

--
Sure God created the world in only six days, but He didn't have an established user-base.