Date: Tue, 03 Apr 2007 01:13:57 +0200 From: Volker <volker@vwsoft.com> To: Moisa Teodor <moisadoru@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: home multipurpose gateway/router/server setup help Message-ID: <46118E35.6060003@vwsoft.com> In-Reply-To: <1b6d3f540704010519q78a37ee8sd60f8aeb7200a713@mail.gmail.com> References: <1b6d3f540704010519q78a37ee8sd60f8aeb7200a713@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/23/-58 20:59, Moisa Teodor wrote: > I wanted to set-up a multipurpose server/gateway/router with an old pc, but > ran into some trouble. > I have an internet connection from a local ISP (it's not cable or adsl it's > ethernet) and a couple of home computers. The ISP has a > litle program that needs to run continously in the background (it connects > to one of my ISP's servers on port 2400) > If that program does not run, i cannot go through the ISP's gateway. > In the past i had another box with smoothwall linux, but the motherboard > crashed. Anyway, on that box i was able to > do the trick. > I have installed FreeBSD. Both network cards are working (sis0 and pcn0). I > runt the ISP's software and i have internet > access. Good. But i want to shre this internet connection with my home LAN. > I read somewhere that i need to recompile > the kernel and enable packet filtering and firewall (the tutorial i used is > located here http://www.lugbe.ch/lostfound/contrib/freebsd_router/). > However, when i reboot with the new kernel I cannot connect to any network, > neither the ISP's nor my home LAN. > I want to use this box as a gateway/router/firewall for my home lan, and > also run some services like a web server for my projects, etc. > > > Thanks a lot for your help, and keep up the good work > Doru Moisa Doru, unfortunately you've taken a rather old how-to for your setup. Of course you may go with IPFILTER (IPFW) firewalling but I would recommend to use pf. If you want to go with IPFW, you have to keep in mind it defaults to deny traffic. If you don't activate a (correct) ruleset, all traffic is being blocked. The last time I've used IPFW is about 2 or 3 years ago so my memory about that is currently somewhat limited. I think the default-to-deny is your problem. You may check that out by temporarily disabling IPFW (using `ipfw disable firewall'). If you want to go with pf as your firewalling solution (a modern, high quality firewall), all you need to do is using a GENERIC kernel and kldload pf.ko, write your ruleset, load it (by `pfctl -f ...' and you're done. As you want to use your box as a router for your home LAN, you may also want to set gateway_enable="YES" in /etc/rc.conf which will set sysctl net.inet.ip.forwarding=1 and your box will act as a router. HTH, Volker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46118E35.6060003>