From owner-freebsd-questions@freebsd.org Mon Oct 23 19:19:05 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8E592E52C91 for ; Mon, 23 Oct 2017 19:19:05 +0000 (UTC) (envelope-from efrenba@gmail.com) Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5806980B8B for ; Mon, 23 Oct 2017 19:19:05 +0000 (UTC) (envelope-from efrenba@gmail.com) Received: by mail-it0-x234.google.com with SMTP id f187so7231738itb.1 for ; Mon, 23 Oct 2017 12:19:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=FNhzX1JsJF7wwjvz5vupArmmYzCXb8ZxW7U+ypnNjGE=; b=UxoXfGsnQfr/1GKqzZhDR/HCVbuBGbtGFCfrmWOC+U7uufWQLvJ7AQG62hbihClJsX jDa6fhwf9gOqxzE08tW8Viyf62DoACx3fa/o6iw4uiJH8kkI/uoVBoJi3+UPz73JvNS/ XuAKJhJG5M/+X0En36h43qNVRWwr3wZIP5mYPYVqCfpIWoYEmDNIQwCABAsPNnXEeY0T hokVrZZkwRFQcNAKIdAK0CFSRPUXn4zeKQWa7JDp4NphswhH22C+8WEgkl7o1XxNWrMo bYOWh0IeWluavX8wfDz/l65V9gWkBp+6obiCy7fI3X/pnPY2sIweW/LR1HWH2FUdjT7Z sVfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=FNhzX1JsJF7wwjvz5vupArmmYzCXb8ZxW7U+ypnNjGE=; b=L6dx8CFxxRn9Y30c1foUYHiaoMyvsK41g2LacaBuqscqi6tBJQFo1w56qxbzhVzwMv swsltuGvYe6osCfa5LUNVVq7ycXnzWUfm3/uZrJCSU4CmNYJG7aW4XdV7Z/gH5P69Luj wU+tPvVK8giSJWuUlebsCROHMsn/PyElb6eL7fOP1cENGynm+XLi0Szco37z/3IYsXzR B7b5GVU6yn6EuS+DWa5R92DvpMps3Ab4RE6Gql77nf/nLOQ2TPLmiGnNjxcFRtj073fE jEq40mZuxTcbIF6mZP0RRIJlT4h1gl8HM11tUFglyT3ia93SJ9vtx7IJRPmgGHxO3fzj bowg== X-Gm-Message-State: AMCzsaWBAdw9uLqKoHbbWrO1KLc9iP+BdbDaviNuj9ZY9QIL6fcDqLa0 fFAtEaY1e54lhDZ+Stsg8y7ql0KUqWm63EXVmhR69A== X-Google-Smtp-Source: ABhQp+RecV5RUR3iSwkCjgc1qHjPXzvoKhdBslbD/Dt4I7glYCz7nBK2T0WveLo2GuKHxjX5VwCA2Otq2K6GcTw92ME= X-Received: by 10.36.130.131 with SMTP id t125mr10493735itd.104.1508786344667; Mon, 23 Oct 2017 12:19:04 -0700 (PDT) MIME-Version: 1.0 Received: by 10.2.80.199 with HTTP; Mon, 23 Oct 2017 12:19:04 -0700 (PDT) From: Efren Bravo Date: Mon, 23 Oct 2017 15:19:04 -0400 Message-ID: Subject: Routing problem To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Oct 2017 19:19:05 -0000 Hi there, I installed a FreeBSD 10.1 box and upgraded to 10.4. I tried to configure this box as a FW but I can't get ping works from inside LAN to outside world, neither any tcp/upd connection. Basic configs: router ip: 190.92.124.89 kernel (recompiled & installed OK): a lot of innecesary things disabled before recompilation --- options IPFILTER options IPFILTER_LOG options IPFILTER_LOOKUP options IPFILTER_DEFAULT_BLOCK /etc/rc.conf --- #WAN ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248" # LAN ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128" defaultrouter="190.92.124.89" gateway_eanble="YES" /etc/ipfilter.rules --- pass out quick lo0 all pass in quick lo0 all pass out quick em0 all pass in quick em0 all pass out quick re0 all pass in quick re0 all Routing tables --- Destin GW Flags Netif default 190.92.124.89 UGS re0 10.170.0.0/25 link#1 U em0 10.170.0.21 link#1 UHS lo0 127.0.0.1 link#3 UH lo0 190.92.124.88/29 link#2 U re0 190.92.124.91 link#2 UHS lo0 >From inside box I can ping outside world and inside LAN, but from a internal PC (IP:10.170.0.11) I cannot reach outside world. I need help, someone who tell where to look to fix it because I don't realize why happens this. thanks in advance -- ---------------- Efren Bravo