Date: Mon, 9 Dec 2002 11:26:11 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Mike <massey@rmci.net> Cc: freebsd-questions@freebsd.org Subject: Re: IPNAT help Message-ID: <20021209112136.Y5604-100000@cactus.fi.uba.ar> In-Reply-To: <000501c2a64f$e6c9fea0$2202ded8@data>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 Dec 2002, Mike wrote: > Trying to setup a small local network off of my DSL. Currently I use a > different OS to do this but I am switching, or trying to.. > > I am using IPNAT and have added all of the options to redo the kernel. > options INET #InterNETworking > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > options IPSTEALTH > options TCP_RESTRICT_RST > options INET6 #IPv6 communications protocols If you use ipnat, you need "options IPFILTER", and drop all "options IPFIREWALL*" and IPDIVERT > > Recompiled and setup my firewall - Works great. Next went after ipnat > and natd (Note some of these I do not need I think but which ones?) I > need a clear step by step on this if someone has one. If you use ipfilter, use ipnat. if you use ipfw, use natd. > > My RC.CONF with IP changed > # -- sysinstall generated deltas -- # Sat Nov 30 16:10:02 2002 > # Created: Sat Nov 30 16:10:02 2002 > # Enable network daemons for user convenience. > # Please make all changes to this file, not to /etc/defaults/rc.conf. > # This file now contains just the overrides from /etc/defaults/rc.conf. > #My ADSL router > defaultrouter="216.0.0.33" > ipfilter_enable="YES" > ipnat_anabled="YES" that should be ipnat_enable > natd_enable="YES" > natd_interface="fpx0" > natd_flags="-f /etc/natd.conf" > gateway_enable="YES" > hostname="myhost.myhost.us" > ifconfig_fxp0="inet 216.0.0.35 netmask 255.255.255.248" > ifconfig_xl0="inet 192.168.0.2 netmask 255.255.255.0" > inetd_enable="NO" > ipv6_enable="YES" > kern_securelevel_enable="NO" > linux_enable="YES" > nfs_reserved_port_only="YES" > sendmail_enable="YES" > sshd_enable="YES" > usbd_enable="YES" > #required for ipfw support > firewall_enable="YES" > #firewall_script="/etc/ipfw.rules" > firewall_script="/etc/rc.firewall" > firewall_type="simple" > firewall_quiet="NO" #change to YES once happy with rules > firewall_logging_enable="YES" > #extra firewalling options > log_in_vain="YES" > tcp_restrict_rst="YES" > icmp_drop_redirect="YES" > > Next added my ipnat.conf file > > map fxp0 192.168.0.0/24 -> 216.222.2.35/29 portmap tcp/udp 10000:65000 by default, ipnat looks for the rules in /etc/ipnat.rules. Move the file or tweak the ipnat_rules var in rc.conf Hope this helps Fer > > So pick it apart and point me in the right direction if possible. I am > continuing to try and make it work... > > Thanks > > PS - This is my First post on anything in FreeBSD, the rest from MySQL > to SSHD SSL Apache PHP Webmin all went great! > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021209112136.Y5604-100000>