Date: Tue, 22 Jan 2002 16:33:02 +0200
From: Barry Irwin
To: "Rami W. Qutub"
Cc: FREEBSD-IPFW@freebsd.org
Subject: Re: Gateway & Firewall

You need a firewall rule to pass traffic to the natd. Have a look at the
natd man page and it describes this.

You need something like:

    ipfw add 100 divert natd ip from any to any via xl1

but please refer to the manpage above for more details. The ipfw man page
should also be read.

Barry

--
Barry Irwin          bvi@itouchlabs.com          +27214875150
Systems Administrator: Networks And Security
Itouch Labs          http://www.itouchlabs.com   South Africa

> Hi All,
>
> I am facing a problem in installing and configuring my FreeBSD Gateway
> Server. I installed FreeBSD 4.4 on the server, and then changed the
> /etc/rc.conf file by adding the following lines
>     gateway_enable="YES"
>     firewall_enable="YES"
>     firewall_type="OPEN"
>     natd_enable="YES"
>     natd_interface="xl1"
>     natd_flags=""
>
> Then I recompiled the kernel after adding
>     options IPFIREWALL
>     options IPDIVERT
>     options IPFIREWALL_VERBOSE
>     options IPFIREWALL_FORWARD
>
> Before doing all the above I installed 2 network cards on the server,
> and I gave the first one "xl1" the external IP with DNS name, etc. And
> I gave the second one an internal IP.
>
> So what else shall I do to run the system !!??
>
> Please advise.
>
> Rami
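
The divert rule discussed in this thread can be checked for mechanically. The script below is an added example, not part of either message: it reads an `ipfw list` style listing and reports whether a divert rule on the natd interface exists and comes before any blanket allow rule. The function name `check_divert` and the sample listings are constructed for illustration, and the listing layout (rule number, then action) is assumed.

```shell
#!/bin/sh
# Added example: classify an `ipfw list` style listing read from stdin.
# $1 is the natd interface (xl1 in this thread).
# Prints: ok | missing | shadowed
# ipfw stops at the first matching allow rule, so a blanket allow placed
# ahead of the divert rule means packets never reach natd.
check_divert() {
    awk -v ifc="$1" '
        # Field 1 is the rule number, field 2 the action.
        $2 == "divert" && divert == "" {
            # Only count a divert rule bound to the interface ("via xl1").
            for (i = 3; i < NF; i++)
                if ($i == "via" && $(i + 1) == ifc) divert = $1 + 0
        }
        ($2 == "allow" || $2 == "pass") && allow == "" {
            # Blanket allow: nothing after "from any to any".
            rest = ""
            for (i = 3; i <= NF; i++) rest = rest " " $i
            if (rest == " ip from any to any" || rest == " all from any to any")
                allow = $1 + 0
        }
        END {
            if (divert == "") print "missing"
            else if (allow != "" && allow < divert) print "shadowed"
            else print "ok"
        }'
}

# Constructed sample listings (not output from the poster's machine).
GOOD='00050 divert 8668 ip from any to any via xl1
00100 allow ip from any to any via lo0
65000 allow ip from any to any
65535 deny ip from any to any'
NO_DIVERT='00100 allow ip from any to any via lo0
65000 allow ip from any to any
65535 deny ip from any to any'
SHADOWED='00040 allow ip from any to any
00050 divert 8668 ip from any to any via xl1
65535 deny ip from any to any'

printf '%s\n' "$GOOD" | check_divert xl1
printf '%s\n' "$NO_DIVERT" | check_divert xl1
printf '%s\n' "$SHADOWED" | check_divert xl1
```

On a live gateway the same function can be fed directly: `ipfw list | check_divert xl1`.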