Date: Mon, 5 Jul 2004 10:46:56 -0400
From: "JJB" <Barbish3@adelphia.net>
To: "Brett Wiggins" <bawig1@student.monash.edu>, <freebsd-questions@freebsd.org>
Subject: RE: internet gateway
Message-ID: <MIEPLLIBMLEEABPDBIEGMEGBGFAA.Barbish3@adelphia.net>
In-Reply-To: <220.253.52.253.1089022810.6997@my.monash.edu.au>

You're using the ppp nat function, which is OK, but you have also
compiled the ipfw divert option into your kernel. The ipfw divert
option does the same thing as ppp nat. Recompile your kernel and
remove the divert option.

Also the /etc/rc.firewall rules are way too complicated for your needs.
Create file /etc/ipfw.rules containing just these rules.

    ipfw -f flush
    ipfw add allow all from any to any

rc.conf only needs these statements to enable ipfw

    firewall_enable="YES"              # Start IPFW daemon
    firewall_script="/etc/ipfw.rules"  # use my custom rules.
    firewall_logging="YES"             # Enable packet logging

You may also want to read the new rewrite of the FreeBSD handbook's
firewall section, which is currently available at
www.a1poweruser.com/FBSD_firewall/
The FreeBSD doc group has downloaded this manuscript and is working on
it to replace what is currently in the handbook.

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Brett Wiggins
Sent: Monday, July 05, 2004 6:41 AM
To: freebsd-questions@freebsd.org
Subject: internet gateway

Hi,

I am having some problems setting up an internet gateway for my home
network. My gateway machine has two network cards, one connected to my
ADSL modem and the other to a switch and my internal network. My gateway
machine (FreeBSD) can connect to the internet and it can ping machines
on my local network. Machines on my local network run Windows.

       ISP
        |
        |
    ADSL MODEM
        |
        |
     FREEBSD                |----- MACHINE A
     MACHINE                |
        |                   |
        |-------SWITCH------|----- MACHINE B
                            |
                            |----- MACHINE C

So far I have recompiled my kernel with the following options added:

    options IPFIREWALL
    options IPDIVERT
    options IPFIREWALL_VERBOSE
    options IPFIREWALL_VERBOSE_LIMIT=50
    options TCP_DROP_SYNFIN

I then edited /etc/rc.conf

    gateway_enable="YES"
    firewall_enable="YES"
    firewall_script="/etc/rc.firewall"
    firewall_type="OPEN"
    firewall_quiet="NO"
    ppp_enable="YES"
    ppp_mode="ddial"
    ppp_nat="YES"
    ppp_profile="netspace"
    ifconfig_rl0="inet 10.0.0.1"

Then I edited ppp.conf with the following:

    nat enable yes
    nat log yes
    nat same_ports yes
    nat unregistered_only yes
    enable dns

That is where I got up to. Now I'm stuck and don't know what to do next.
Any help with this would be great.

Brett

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
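
Added example, not part of the original e-mail thread: a POSIX sh check for the rc.conf settings discussed above. It reports knob names that have no entry in a copy of /etc/defaults/rc.conf and the case where ppp_nat and natd_enable are both on. The function names, the constructed sample files and the use of natd_enable (a base-system knob not mentioned in the thread) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. rc.conf is read as sh assignments, so a
# misspelled knob is accepted silently and the feature it names stays off.

# Names assigned in file $1, one per line.
rc_keys() {
    sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' "$1"
}

# Value of knob $2 in file $1 (last assignment wins), surrounding quotes removed.
rc_get() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# Succeeds when knob $2 in file $1 is set to YES (any case).
rc_yes() {
    case $(rc_get "$1" "$2") in [Yy][Ee][Ss]) return 0 ;; esac
    return 1
}

# lint_rc RCCONF DEFAULTS: print one finding per line, nothing when clean.
# DEFAULTS is assumed to be a copy of /etc/defaults/rc.conf from the same release.
lint_rc() {
    rc=$1 defaults=$2
    for key in $(rc_keys "$rc"); do
        case $key in ifconfig_*) continue ;; esac  # per-interface names have no default
        rc_keys "$defaults" | grep -qx "$key" ||
            echo "unknown knob (check spelling): $key"
    done
    # ppp_nat is from the thread; natd_enable is the base system's divert-based NAT.
    if rc_yes "$rc" ppp_nat && rc_yes "$rc" natd_enable; then
        echo "NAT enabled twice: ppp_nat and natd_enable"
    fi
    return 0
}

# Constructed sample files (not taken from a real system), linted as a demonstration.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'firewall_enable="NO"' 'firewall_logging="NO"' \
        'ppp_nat="NO"' 'natd_enable="NO"' > "$d/defaults"
    printf '%s\n' 'firewall_enable="YES"  # Start IPFW' 'filewall_logging="YES"' \
        'ppp_nat="YES"' 'natd_enable="YES"' 'ifconfig_rl0="inet 10.0.0.1"' > "$d/rc.conf"
    lint_rc "$d/rc.conf" "$d/defaults"
    rm -rf "$d"
}

demo
```

On a real gateway the call would be lint_rc /etc/rc.conf /etc/defaults/rc.conf; a reported name is only a prompt to check the spelling, since some valid per-instance knobs also have no default entry.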