Date: Mon, 09 Dec 2002 09:57:22 +0100 From: "Roger 'Rocky' Vetterberg" <listsub@401.cx> To: Mike <massey@rmci.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPNAT help Message-ID: <3DF45AF2.8000008@401.cx> References: <000501c2a64f$e6c9fea0$2202ded8@data>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike wrote: > Trying to setup a small local network off of my DSL. Currently I use a > different OS to do this but I am switching, or trying to.. > > I am using IPNAT and have added all of the options to redo the kernel. > options INET #InterNETworking > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > options IPSTEALTH > options TCP_RESTRICT_RST > options INET6 #IPv6 communications protocols > > Recompiled and setup my firewall - Works great. Next went after ipnat > and natd (Note some of these I do not need I think but which ones?) I > need a clear step by step on this if someone has one. > > My RC.CONF with IP changed > # -- sysinstall generated deltas -- # Sat Nov 30 16:10:02 2002 > # Created: Sat Nov 30 16:10:02 2002 > # Enable network daemons for user convenience. > # Please make all changes to this file, not to /etc/defaults/rc.conf. > # This file now contains just the overrides from /etc/defaults/rc.conf. > #My ADSL router > defaultrouter="216.0.0.33" > ipfilter_enable="YES" > ipnat_anabled="YES" > natd_enable="YES" > natd_interface="fpx0" > natd_flags="-f /etc/natd.conf" > gateway_enable="YES" > hostname="myhost.myhost.us" > ifconfig_fxp0="inet 216.0.0.35 netmask 255.255.255.248" > ifconfig_xl0="inet 192.168.0.2 netmask 255.255.255.0" > inetd_enable="NO" > ipv6_enable="YES" > kern_securelevel_enable="NO" > linux_enable="YES" > nfs_reserved_port_only="YES" > sendmail_enable="YES" > sshd_enable="YES" > usbd_enable="YES" > #required for ipfw support > firewall_enable="YES" > #firewall_script="/etc/ipfw.rules" > firewall_script="/etc/rc.firewall" > firewall_type="simple" > firewall_quiet="NO" #change to YES once happy with rules > firewall_logging_enable="YES" > #extra firewalling options > log_in_vain="YES" > tcp_restrict_rst="YES" > icmp_drop_redirect="YES" > > Next added my ipnat.conf file > > map fxp0 192.168.0.0/24 -> 216.222.2.35/29 portmap tcp/udp 10000:65000 > > So pick it apart and point me in the right direction if possible. I am > continuing to try and make it work... > > Thanks > > PS - This is my First post on anything in FreeBSD, the rest from MySQL > to SSHD SSL Apache PHP Webmin all went great! You do not need both ipnat and natd. Ipnat is ipfilters way of doing nat, while natd is the ipfw way. If you run ipfilter, you run ipnat. If you choose ipfw, you're stuck with ipfw. You can, if you want, run both ipfilter and ipfw, but you probably should try to get one of them going first before attempting anything like that. My advice is pick one, ipnat or natd, and remove the other. -- R To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DF45AF2.8000008>