Date: Mon, 05 Jul 2004 20:07:06 +0900 From: Luke Kearney <lukek@meibin.net> To: Brett Wiggins <bawig1@student.monash.edu> Cc: freebsd-questions@freebsd.org Subject: Re: internet gateway Message-ID: <20040705195556.F0F5.LUKEK@meibin.net> In-Reply-To: <220.253.52.253.1089022810.6997@my.monash.edu.au> References: <220.253.52.253.1089022810.6997@my.monash.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 05 Jul 2004 10:40:58 +0000 Brett Wiggins <bawig1@student.monash.edu> spake thus: > Hi, > I am having some problems setting up an internet gateway for my home network. My gateway machine has two network cards, one connected to my ADSL modem and the other to a switch and my internal network. My gateway machine (FreeBSD) can connect to the internet and it can ping machines on my local network. Machines on my local network run windows. > > ISP > | > | > ADSL > MODEM > | > | > FREEBSD |----- MACHINE A > MACHINE | > | | > |-------SWITCH--|----- MACHINE B > | > | > |----- MACHINE C > > So Far I have recompiled my kernel with the following options added; > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=50 > options TCP_DROP_SYNFIN > > I then edited /etc/rc.conf > gateway_enable="YES" > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="OPEN" > firewall_quiet="NO" > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="netspace" > ifconfig_rl0="inet 10.0.0.1" > > Then I edited ppp.conf with the following; > nat enable yes > nat log yes > nat same_ports yes > nat unregistered_only yes > enable dns > > That is where I got up to now i'm stuck and don't know what to do next. Any help with this would be great. > > Brett G'day, http://www.schlacter.net/public/FreeBSD-STABLE_and_IPFILTER.html http://www.neon1.net/misc/firewall.html I'm afraid I don't know a great deal about using IPFW but it seems to me that ppp.conf is probably not the place to put your NATD rules. man natd gives some good advice on setting this up. I included some links that show how to use IPF and IPNAT to accomplish the task your working on. I personally found them easy enough to read and follow however I am confident that if you google a bit more you will find equally good documentation that focuses on IPFW. HTH LukeK -- Luke Kearney <lukek@meibin.net>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040705195556.F0F5.LUKEK>