From: "Erik"
Delivered-To: freebsd-questions@freebsd.org
Subject: routing with natd
Date: Sun, 22 Oct 2000 23:39:53 -0500

I have installed: FreeBSD 4.1-RELEASE

Conceptually this is how I have it hooked up:

    cable (dhcp) ---(vr0)-> BSD machine --(ed0)--> hub ----> pc1
                            realip x.x.x.x          |        10.0.0.2
                            & 10.0.0.1              pc2
                                                    10.0.0.3

I think this is the useful stuff from the rc.conf file:

    ifconfig_vr0="DHCP"
    gateway_enable="YES"
    network_interfaces="lo0 ed0 vr0"   # List of network interfaces
    ivconfig_lo0="inet 127.0.0.1"      # default loopback device
    ifconfig_ed0="inet 10.0.0.1 netmask 255.255.255.0"
    firewall_enable="YES"
    firewall_type="OPEN"
    firewall_script="/etc/firewall/fwrules"   # created by me
    natd_program="/sbin/natd"
    natd_enable="YES"
    natd_interface="vr0"

PC1 and PC2

    win98 SE installed on both
    ips: 10.0.0.2 and 10.0.0.3 and subnet mask is 255.255.255.0
    dns configuration:
        host: pc1 and pc2
        domain: whatever.com
        dns search order: x.x.x.x  dns server for cable
    c:\windows\hosts.sam
        127.0.0.1 localhost
        10.0.0.1 BSD BSD.whatever.com
        10.0.0.2 PC1 PC1.whatever.com
        10.0.0.3 PC2 PC2.whatever.com

I recompiled my kernel with IPDIVERT and IPFIREWALL as options.

I am able to access the internet from the BSD machine.
I can ping pc1 (10.0.0.2) and pc2 (10.0.0.3) either by ip or alias from the BSD machine (edited hosts).
I can telnet in to the BSD machine from pc1 or pc2 by using 10.0.0.1 (but not aliases).

What I want to do is have the BSD machine act as a firewall/router so that my little network has access to the internet while still being protected. I would also like to be able to telnet into it (lack of monitors).

Is there anything else I have to do to these windows machines?

Is my rc.conf correct, and should I change anything in the rc.conf file?

    firewall_type="simple"?
    natd_flags="????"
    natd_flags="-f /etc/natd.conf"???

What should I have in the fwrules file?

What should I have in the natd.conf file, and how would I use it?

Do I need to add "sysctl -w net.inet.ip.forwarding=1" to a file somewhere?

Anything else that I need to do or any additional help would be greatly appreciated.

Erik
erik@ezl.com
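
An added example, not part of the original post: natd only translates packets that an ipfw divert rule hands to it, so a hand-written ruleset like the fwrules script mentioned above needs that rule on the outside interface (vr0 here) ahead of any catch-all accept rule. The check below assumes `ipfw list`-style input; the function name check_divert and the three sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Sample rulesets are constructed.

# check_divert EXT_IF   (reads `ipfw list`-style lines on stdin)
# returns 0: divert rule precedes any catch-all accept
#         1: no divert-to-natd rule on EXT_IF
#         2: a catch-all accept is listed before the divert rule
check_divert() {
    awk -v ifc="$1" '
        # divert to natd by service name or by its default port 8668
        $2 == "divert" && ($3 == "natd" || $3 == "8668") &&
            $(NF-1) == "via" && $NF == ifc && !d { d = NR }
        # an unrestricted accept ends rule processing before natd sees the packet
        $2 ~ /^(allow|accept|pass|permit)$/ && $3 ~ /^(ip|all)$/ &&
            / from any to any$/ && !a { a = NR }
        END { if (!d) exit 1; if (a && a < d) exit 2; exit 0 }
    '
}

# Constructed sample: divert on the outside interface comes first.
GOOD_RULES='00050 divert 8668 ip from any to any via vr0
00100 allow ip from any to any via lo0
65000 allow ip from any to any
65535 deny ip from any to any'

# Constructed sample: the catch-all accept is numbered below the divert rule.
BAD_ORDER='00040 allow ip from any to any
00050 divert 8668 ip from any to any via vr0
65535 deny ip from any to any'

# Constructed sample: an open ruleset with no divert rule at all.
NO_DIVERT='00100 allow ip from any to any via lo0
65000 allow ip from any to any
65535 deny ip from any to any'

for name in GOOD_RULES BAD_ORDER NO_DIVERT; do
    eval "rules=\$$name"
    rc=0
    printf '%s\n' "$rules" | check_divert vr0 || rc=$?
    case $rc in
        0) echo "$name: ok, vr0 traffic reaches natd" ;;
        1) echo "$name: no divert rule for vr0, inside hosts are not translated" ;;
        2) echo "$name: catch-all accept matches before the divert rule" ;;
    esac
done
```

On a live gateway the same function can be fed from `ipfw list` instead of the embedded samples.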