From owner-freebsd-questions  Sat Sep 11 22:34: 1 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from elmls02.ce.mediaone.net (elmls02.ce.mediaone.net [24.131.128.27])
	by hub.freebsd.org (Postfix) with ESMTP id DA1E814D69
	for <freebsd-questions@FreeBSD.ORG>; Sat, 11 Sep 1999 22:33:57 -0700 (PDT)
	(envelope-from burke@mcs.net)
Received: from fatman2 (el01-24-131-147-93.ce.mediaone.net [24.131.147.93])
	by elmls02.ce.mediaone.net (8.8.7/8.8.7) with ESMTP id AAA13738;
	Sun, 12 Sep 1999 00:33:56 -0500 (CDT)
Message-Id: <4.2.0.58.19990912002845.00a6d100@pop.ce.mediaone.net>
X-Sender: johnburke@pop.ce.mediaone.net
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 
Date: Sun, 12 Sep 1999 00:33:53 -0500
To: "Dan Lange (CS stud.)" <lange92@cns.uni.edu>,
	freebsd-questions@FreeBSD.ORG
From: Burke Gallagher <burke@mcs.net>
Subject: Re: FreeBSD firewalling?
In-Reply-To: <Pine.GSO.3.95.990911192042.14129A-100000@chaos.cns.uni.edu
 >
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

did you remember to at natd to /etc/services
     natd    868/divert     #Network Address Translation socket

Here is the article I used to get my firewall running
http://www.freebsdzine.org/199901/features/ipfw.html

good luck
burke


At 07:38 PM 9/11/99 -0500, Dan Lange (CS stud.) wrote:
>Hi,
>   I've looked for information in the Handbook, but can't seem to find what
>I need to know in order to complete the configuration of a freebsd
>firewall. I've installed 2 ethernet cards in my computer, and by someone's
>suggestion I recompiled my kernel and got freebsd to recognize it. I also
>added IP_FIREWALL and IP_DIVERT while I was compiling the kernel for this
>project. I've tried adding rules using ipf and ipfw, and I've played with
>natd for about a week now, but still haven't figured out how to set it up.
>The boxes on the private network can ping both ed0 and ed1 in the freebsd
>box, but they cannot contact anything on the outside network.
>   Some additional details: the private network is on the 10.0.0.x subnet,
>and I'm running a 3.2-RELEASE kernel according to uname. I've edited
>rc.conf; these lines refer to my firewall configuration:
>
>firewall_enable="YES"            # Set to YES to enable firewall functionality
>firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
>firewall_type="open"         # Firewall type (see /etc/rc.firewall)
>firewall_quiet="NO"             # Set to YES to suppress rule display      
>
>   All I want for now is a forwarding firewall; I'll worry about tightening
>security later. What am I forgetting to set up, and how do I go about it?
>Thanks for the help!
>
>DanL
>
>Disclaimer:  Not only do I speak for myself; I am myself.
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message