From owner-freebsd-stable Tue May 23 13:21:24 2000 Delivered-To: freebsd-stable@freebsd.org Received: from turtle.looksharp.net (cc360882-a.strhg1.mi.home.com [24.2.221.22]) by hub.freebsd.org (Postfix) with ESMTP id 7EE3937B5A8 for ; Tue, 23 May 2000 13:21:20 -0700 (PDT) (envelope-from bsdx@looksharp.net) Received: from localhost (bsdx@localhost) by turtle.looksharp.net (8.9.3/8.9.3) with ESMTP id QAA30882; Tue, 23 May 2000 16:21:43 -0400 (EDT) (envelope-from bsdx@looksharp.net) Date: Tue, 23 May 2000 16:21:43 -0400 (EDT) From: Adam To: "B. Carlson" Cc: stable@FreeBSD.ORG Subject: Re: One internet connection for many puters? In-Reply-To: <392ABAD9.9842D2A8@msu.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG It looks like that page does not cover the necessary firewall rule(s) to allow nat to work, so check the manpage for natd. Its fairly complete and should work if you follow all the steps. Some of the hints in it are a little outdated, so you basically want to find the ipfw divert rule and make sure its being added. Also remember if there is a chance that natd will accidently or otherwise killed, you will lose access to anything you didnt specifically allow with firewall rules before the ipfw divert rule. For instance, you might want to ipfw add 101 allow tcp from any to any 23 to allow telnet (or 22 for ssh, etc) incase natd is stopped without removing the divert rule. On Tue, 23 May 2000, B. Carlson wrote: >I'm trying to set up FreeBSD 4.0 so I can use more than one computer >for the internet, I have a cable modem. I followed these steps: >http://freebsd.lanfear.com/howtos/firewall.html > >This is my rc.conf file, I have two network cards, xl0 xl1, the first >xl0 is hooked up directly to the net connection, the 2nd is hooked >up to a hub. I recompiled my kernel just like the webpage said, >Natd is running. > >linux_enable="YES" >gateway_enable="YES" >firewall_enable="YES" >firewall_type="open" >firewall_quiet="NO" >natd_enable="YES" >natd_interface="xl0" >network_interfaces="xl0 xl1 lo0" >ifconfig_xl0="inet 24.19.88.190 netmask 255.255.255.0" >defaultrouter="24.19.88.1" >sshd_enable="YES" >hostname="nurdcave.com" >ifconfig_xl1="inet 10.10.10.1 netmask 255.255.0.0" > >I'm trying to setup another BSD box behind the firewall, I specify >it with an IP of 10.10.10.2 and tell it the gateway is at 10.10.10.1 >with a netmask of 255.255.0.0 and still point it to the DNS server >at 24.2.222.33, which is the server of the cable company. Is >there any steps in here that I have missed? Am I sending it to the >wrong spot? > >TIA > >B. Carlson > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message