Date: Fri, 16 Mar 2001 21:42:09 +1300
From: David Preece <davep@afterswish.com>
To: "Ty C. Mixon" <tymanthius@usa.net>
Cc: freebsd-questions@freebsd.org
Subject: Re: [Re: More NATD/IPFW woes . . . ]
Message-ID: <5.0.2.1.1.20010316212807.02196eb0@pop3.paradise.net.nz>
In-Reply-To: <200103160207.f2G27jQ00249@tymanthius.yi.org>

At 19:14 15/03/2001 -0700, you wrote:
>firwall_enable="YES"

Typo. f i r e w a l l

>firewall_type="OPEN"
>firewall_script="/etc/rc.firewall.simple"
>firewall_quiet="NO"

Don't know about these, never seen any of them. Personally, I would ditch the lot and get your default open firewall through the kernel configurations:

options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_FORWARD
options IPDIVERT

Finally, adding some debugging stuff to the rc.* scripts. Get to rc.network and around line 200 odd (look for natd in vi by doing '/natd' a few times) you'll see a 'case natd_enable'. Try an 'echo $natd_enable' just before the case statement, and another one inside to see what's going on.

Also, this is a big rc.conf, hacked to bits with sysinstall (who is not really my friend). Below is my entire rc.conf, IP addresses changed to protect the guilty:

sendmail_enable="NO"
gateway_enable="YES"
hostname="firewall"
ifconfig_ep0="inet 123.45.67.89"
ifconfig_ep1="inet 192.168.0.1"
defaultrouter="123.45.67.1"
firewall_enable="YES"
natd_enable="YES"
natd_interface="ep0"
cron_enable="NO"
inetd_enable="NO"
portmap_enable="NO"
blanktime="NO"
dhcpd ep1

>Ty C. Mixon

Off sailing over the weekend, will be back inna couple of days. Keep it up, you're nearly there, and though it may suck now.... you are learning and becoming, well, enriched as a result.

Dave :)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
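
A misspelled knob such as firwall_enable raises no error, because rc.conf is only a file of shell variable assignments and the rc scripts never look at the misspelled name. The sh sketch below is an added example, not part of the original message: it lists variables set in an rc.conf that have no counterpart in a defaults file. The function names, the ifconfig_* exemption and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag rc.conf variables that match no known knob.

# rc_names FILE: print the variable names assigned in an rc.conf-style file.
rc_names() {
    sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' "$1" | sort -u
}

# rc_unknown DEFAULTS CONF: print names set in CONF but absent from DEFAULTS.
# Per-interface names (ifconfig_*) are skipped (assumption: they are
# generated from interface names and so never listed in the defaults).
rc_unknown() {
    known=$(rc_names "$1")
    rc_names "$2" | while read -r name; do
        case $name in ifconfig_*) continue ;; esac
        printf '%s\n' "$known" | grep -qxF -- "$name" || printf '%s\n' "$name"
    done
}

# demo: run the check over two constructed sample files.
demo() {
    dir=$(mktemp -d)
    # Constructed excerpt standing in for /etc/defaults/rc.conf.
    cat > "$dir/defaults" <<'EOF'
firewall_enable="NO"
firewall_type="UNKNOWN"
natd_enable="NO"
natd_interface=""
gateway_enable="NO"
EOF
    # Constructed rc.conf carrying the typo discussed in the thread.
    cat > "$dir/rc.conf" <<'EOF'
gateway_enable="YES"
firwall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="ep0"
ifconfig_ep0="inet 123.45.67.89"
EOF
    rc_unknown "$dir/defaults" "$dir/rc.conf"
    rm -rf "$dir"
}

demo
```

On a real system the two arguments would be /etc/defaults/rc.conf and /etc/rc.conf; anything it prints is either a typo or a knob the installed release does not define.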