From: Eric Long
To: Manolo Valdes, Joe Clarke
Date: Fri, 06 Jul 2001 14:51:42 -0500
Subject: Re: Is this a routing problem?

Hi,

Found the error and I knew it was something stupid. My /etc/rc.conf and
/etc/natd.conf had conflicting configurations for which interface to have
natd run on. It was not running on the WAN interface. When I thought it was
running on the WAN interface, my settings in /etc/natd.conf overrode
/etc/rc.conf.

Thanks.

-Eric

> so check your /etc/natd.conf
> for testing don't use any configuration file. natd should work without it
>
> Manolito
>
> On Fri, 06 Jul 2001, Eric Long wrote:
>> Sorry, I inadvertently deleted the first line of ipfw output in my previous
>> message. I do have that line and it is still not working. ipfw output:
>>
>> 00050 divert 8668 ip from any to any via eth0
>> 00100 allow ip from any to any via lo0
>> 00200 deny ip from any to 127.0.0.0/8
>> 00300 deny ip from 127.0.0.0/8 to any
>> 65000 allow ip from any to any
>> 65535 deny ip from any to any
>>
>> -Eric
>>
>>> Your ipfw rules aren't diverting anything to natd. You need a rule
>>> like:
>>>
>>> /sbin/ipfw add divert natd all from any to any via eth0
>>>
>>> In your firewall rules.
>>>
>>> Joe Clarke
>>>
>>> On Fri, 6 Jul 2001, Eric Long wrote:
>>>
>>>> I am at a loss with this setup, any suggestions are welcome:
>>>>
>>>> Details:
>>>> Running FreeBSD 4.3-RELEASE, ipfw, natd, dhcpd, and gateway is enabled
>>>>
>>>> I'm running this box with two NICs and an Emerging Technologies card that
>>>> functions as a router. The Emerging Technologies card (eth0) is the WAN
>>>> interface, one of the NICs (fxp1) is the LAN interface. Nothing on the
>>>> LAN interface can access the internet (via the WAN interface).
>>>>
>>>> What I know:
>>>> 1.) Traffic gets to the FreeBSD box from the WAN interface.
>>>> 2.) Traffic goes out the WAN interface from the FreeBSD box
>>>> 3.) Traffic goes out the LAN interface from the FreeBSD box (workstations
>>>> are assigned IPs via dhcpd therefore telling me that they are seeing the
>>>> box on the network via the LAN interface), plus I can also ping these boxes
>>>> when they are assigned an IP
>>>> 4.) Traffic does NOT go out the WAN interface from the LAN interface (no
>>>> workstation can reach the net).
>>>>
>>>> Problem:
>>>> Is this a routing issue? Traffic simply isn't being passed from the LAN
>>>> interface to the WAN interface.
>>>>
>>>> My routing tables:
>>>>
>>>> % netstat -r -n
>>>> Routing tables
>>>>
>>>> Internet:
>>>> Destination        Gateway            Flags     Refs     Use     Netif Expire
>>>> default            65.114.176.41      UGSc        6    24630      eth0
>>>> 65.114.176.41      65.114.176.42      UH          5        2      eth0
>>>> 127.0.0.1          127.0.0.1          UH          0        4       lo0
>>>> 192.168.1          link#2             UC          0        0      fxp1 =>
>>>>
>>>> eth0 is 65.114.176.42
>>>> fxp1 is 192.168.1.1
>>>>
>>>> Pertinent details from /etc/rc.conf:
>>>> gateway_enable="YES"
>>>> firewall_enable="YES"
>>>> firewall_type="open"
>>>> natd_enable="YES"
>>>> natd_interface="eth0"
>>>> natd_flags="-f /etc/natd.conf"
>>>>
>>>> ipfw details:
>>>> % ipfw list
>>>> 00100 allow ip from any to any via lo0
>>>> 00200 deny ip from any to 127.0.0.0/8
>>>> 00300 deny ip from 127.0.0.0/8 to any
>>>> 65000 allow ip from any to any
>>>> 65535 deny ip from any to any
>>>>
>>>> -Eric

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
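
The misconfiguration described in this message, as an added example that is not part of the thread: a POSIX sh check that rc.conf, natd.conf and the ipfw divert rule all name the same interface. The function names and the sample natd.conf content (`interface fxp1`) are assumptions; the thread never shows that file.

```shell
#!/bin/sh
# Added example (not from the thread): cross-check the interface natd uses.

rc_natd_interface() {    # natd_interface="..." from an rc.conf-style file
    awk -F= '$1 == "natd_interface" { gsub(/"/, "", $2); v = $2 } END { print v }' "$1"
}

natd_conf_interface() {  # "interface <name>" line from a natd config file
    awk '$1 == "interface" { v = $2 } END { print v }' "$1"
}

divert_interfaces() {    # interface after "via" in each divert rule
    awk '$2 == "divert" {
        for (i = 3; i < NF; i++) if ($i == "via") print $(i + 1)
    }' "$1" | sort -u
}

# Args: rc.conf, natd.conf, saved "ipfw list" output. Returns 1 on a mismatch.
check_natd_consistency() {
    rc_if=$(rc_natd_interface "$1")
    conf_if=$(natd_conf_interface "$2")
    div_if=$(divert_interfaces "$3" | tr '\n' ' ')
    bad=0
    [ -n "$div_if" ] || { echo "FAIL: no divert rule, nothing reaches natd"; bad=1; }
    if [ -n "$rc_if" ] && [ -n "$conf_if" ] && [ "$rc_if" != "$conf_if" ]; then
        echo "FAIL: rc.conf names $rc_if but natd.conf names $conf_if"; bad=1
    fi
    for c in $rc_if $conf_if; do
        case " $div_if" in
            *" $c "*) ;;
            *) echo "FAIL: no divert rule via $c"; bad=1 ;;
        esac
    done
    [ "$bad" -ne 0 ] || echo "OK: natd and the divert rule agree"
    return "$bad"
}

# Constructed sample: rc.conf and ipfw lines as quoted in the thread; the
# natd.conf content is an assumption (the thread never shows that file).
write_samples() {
    printf '%s\n' 'natd_interface="eth0"' 'natd_flags="-f /etc/natd.conf"' > "$1/rc.conf"
    printf '%s\n' 'interface fxp1' > "$1/natd.conf"
    printf '%s\n' '00050 divert 8668 ip from any to any via eth0' \
        '65000 allow ip from any to any' > "$1/ipfw.list"
}

if [ "${1:-}" = "demo" ]; then    # e.g. sh check.sh demo
    d=$(mktemp -d) && write_samples "$d"
    check_natd_consistency "$d/rc.conf" "$d/natd.conf" "$d/ipfw.list"
fi
```

On a live system the third argument would be a file holding saved `ipfw list` output, and the first two the real /etc/rc.conf and /etc/natd.conf.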