Date: Tue, 23 May 2000 15:54:34 -0500
From: Stephen Montgomery-Smith <stephen@math.missouri.edu>
To: "B. Carlson" <carls107@msu.edu>
Cc: stable@FreeBSD.ORG, marcw@lanfear.com
Subject: Re: One internet connection for many puters?
Message-ID: <392AF00A.3C4BAE43@math.missouri.edu>
References: <392ABAD9.9842D2A8@msu.edu>
What a coincidence - I have just done the very same thing myself. I found the most useful reference was the chapters in the "Complete FreeBSD" by Greg Lehey. Before that, it was very hard to figure out how to do this.

I looked through the instructions, and it is missing instructions on how to set up the firewall rules. Basically I followed what was in the man page for natd. Also, I added a few options to natd.

So, this is what I have:

in rc.conf, in addition to what you have:

firewall_script="/etc/rc.firewall.mine"
natd_flags="-s -m -u -dynamic"

and I created a file called rc.firewall.mine containing

/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via rl1
/sbin/ipfw add pass all from any to any

Also, in my config file for compiling the kernel I also had the line

options IPFIREWALL_DEFAULT_TO_ACCEPT

I guess that in the end you should remove this line, but at least when debugging I think it would help out. (I found it very disconcerting that as soon as I created the firewall, I could not connect anywhere - especially when like me you really don't know what you are doing.)

One of the options I put on natd might require your local area network addresses to be 192.168.xxx.xxx, which is what I have.

I also CCed Marc Wandschneider so that if he likes, he could add this info to his web page.

"B. Carlson" wrote:
>
> I'm trying to set up FreeBSD 4.0 so I can use more than one computer
> for the internet, I have a cable modem. I followed these steps:
> http://freebsd.lanfear.com/howtos/firewall.html
>
> This is my rc.conf file, I have two network cards, xl0 xl1, the first
> xl0 is hooked up directly to the net connection, the 2nd is hooked
> up to a hub. I recompiled my kernel just like the webpage said,
> Natd is running.
>
> linux_enable="YES"
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_type="open"
> firewall_quiet="NO"
> natd_enable="YES"
> natd_interface="xl0"
> network_interfaces="xl0 xl1 lo0"
> ifconfig_xl0="inet 24.19.88.190 netmask 255.255.255.0"
> defaultrouter="24.19.88.1"
> sshd_enable="YES"
> hostname="nurdcave.com"
> ifconfig_xl1="inet 10.10.10.1 netmask 255.255.0.0"
>
> I'm trying to setup another BSD box behind the firewall, I specify
> it with an IP of 10.10.10.2 and tell it the gateway is at 10.10.10.1
> with a netmask of 255.255.0.0 and still point it to the DNS server
> at 24.2.222.33, which is the server of the cable company. Is
> there any steps in here that I have missed? Am I sending it to the
> wrong spot?
>
> TIA
>
> B. Carlson
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
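An added example, not part of the original message or of FreeBSD: a small sh check that the interface in the ipfw divert rule is the one named by natd_interface in rc.conf, since the rule in the natd man page is written against the interface natd listens on and the two messages above use different NIC names (rl1 and xl0). The function names and the sample files built in demo are constructed for illustration.

```sh
#!/bin/sh
# Added example: lint a natd gateway's rc.conf against its ipfw script.

# rc_get FILE VAR: print VAR's value from an rc.conf-style file (last one wins).
rc_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# is_yes FILE VAR: true if VAR is set to YES (any case), as rc.conf allows.
is_yes() {
    case $(rc_get "$1" "$2") in [Yy][Ee][Ss]) return 0 ;; *) return 1 ;; esac
}

# divert_ifaces FILE: print the interface after "via" in each divert rule.
divert_ifaces() {
    awk '!/^[ \t]*#/ && /divert/ { for (i = 1; i < NF; i++) if ($i == "via") print $(i + 1) }' "$1"
}

# check_nat_gateway RC_CONF FW_SCRIPT: print findings; return 1 if any is an error.
check_nat_gateway() {
    bad=0
    nat_if=$(rc_get "$1" natd_interface)
    is_yes "$1" gateway_enable || { echo "error: gateway_enable is not YES"; bad=1; }
    is_yes "$1" natd_enable || { echo "error: natd_enable is not YES"; bad=1; }
    [ -n "$nat_if" ] || { echo "error: natd_interface is not set"; bad=1; }
    via=$(divert_ifaces "$2")
    [ -n "$via" ] || { echo "error: no divert rule with a via interface"; bad=1; }
    for i in $via; do
        [ "$i" = "$nat_if" ] || { echo "error: divert via $i, natd_interface is $nat_if"; bad=1; }
    done
    # An allow-all rule helps while debugging but means nothing is filtered.
    if grep -Eq 'add +(pass|allow) +all +from +any +to +any *$' "$2"; then
        echo "note: allow-all rule present; tighten once NAT works"
    fi
    return $bad
}

# demo: constructed sample files using the interface names from the thread.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'gateway_enable="YES"' 'natd_enable="YES"' 'natd_interface="xl0"' > "$d/rc.conf"
    printf '%s\n' '/sbin/ipfw -f flush' \
        '/sbin/ipfw add divert natd all from any to any via rl1' \
        '/sbin/ipfw add pass all from any to any' > "$d/fw"
    check_nat_gateway "$d/rc.conf" "$d/fw"; echo "exit status: $?"
    rm -rf "$d"
}
demo
```

The check only reads the two files; it does not load rules or query the running firewall.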