From owner-freebsd-questions Fri Jul 6 12:28:42 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.cult.cu (mail.cult.cu [169.158.120.2]) by hub.freebsd.org (Postfix) with ESMTP id 1CB5537B401 for ; Fri, 6 Jul 2001 12:28:24 -0700 (PDT) (envelope-from admin@atenas.cult.cu) Received: from mail by mail.cult.cu with local-bsmtp (Exim 3.03 #2) id 15IbGW-0009Tc-00; Fri, 06 Jul 2001 15:27:48 -0400 Received: from [169.158.120.178] (helo=mail.atenas.cult.cu) by mail.cult.cu with esmtp (Exim 3.03 #2) id 15IbGO-0009St-00; Fri, 06 Jul 2001 15:27:41 -0400 Received: from mail.atenas.cult.cu ([169.158.120.179] helo=proxy.atenas.cult.cu) by mail.atenas.cult.cu with smtp (Exim 3.22 #2) id 15IbJ7-0002xs-00; Fri, 06 Jul 2001 15:30:29 -0400 From: Manolo Valdes To: Eric Long Subject: Re: Is this a routing problem? Date: Fri, 6 Jul 2001 15:20:16 -0400 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain; charset="US-ASCII" References: In-Reply-To: Cc: freebsd-questions@freebsd.org MIME-Version: 1.0 Message-Id: <01070615273501.04051@proxy.atenas.cult.cu> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, 06 Jul 2001, you wrote: > I am at a loss with this setup, any suggestions are welcome: > > Details: > Running Freebsd 4.3-RELEASE, ipfw, natd, dhcpd, and gateway is enabled > > I'm running this box with two NIC's and an Emerging Technologies card that > functions as a router. The Emerging Technologies card (eth0) is the WAN > interface, one of the NIC's (fxp1) is the LAN interface. Nothing on the LAN > interface can access the internet (via the WAN interface). > > What I know: > 1.) Traffic gets to the FreeBSD box from the WAN interface. > 2.) Traffic goes out the WAN interface from the FreeBSD box > 3.) Traffic goes out the LAN interface from the FreeBSD box (workstations > are assigned ip's via dhcpd therefore telling me that they are seeing the > box on the network via the LAN interface), plus I can also ping these boxes > when they are assigned an IP > 4.) Traffic does NOT go out the WAN interface from the LAN interface (no > workstation can reach the net). > > Problem: > Is this a routing issue? Traffic simply isn't being passed from the LAN > interface to the WAN interface. > > My routing tables: > > % netstat -r -n > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 65.114.176.41 UGSc 6 24630 eth0 > 65.114.176.41 65.114.176.42 UH 5 2 eth0 > 127.0.0.1 127.0.0.1 UH 0 4 lo0 > 192.168.1 link#2 UC 0 0 fxp1 => > > eth0 is 65.114.176.42 > fxp1 is 192.168.1.1 > > Pertinent details from /etc/rc.conf: > gateway_enable="YES" > firewall_enable="YES" > firewall_type="open" > natd_enable="YES" > natd_interface="eth0" > natd_flags="-f /etc/natd.conf" > > ipfw details: > % ipfw list if natd is enable when you ipfw list you should get 00050 divert "natd port" ip from any to any via "natd_interface" check the /etc/natd.conf and why /etc/rc.firewall are not loading the natd rule check if your kernel was compiled with options IPDIVERT # For Nat > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 00300 deny ip from 127.0.0.0/8 to any > 65000 allow ip from any to any > 65535 deny ip from any to any > > -Eric Manolito To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message