From owner-freebsd-questions Mon Jan 8 14:50:37 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from hyperreal.org (taz.hyperreal.org [209.133.83.16]) by hub.freebsd.org (Postfix) with SMTP id C494D37B402 for ; Mon, 8 Jan 2001 14:50:19 -0800 (PST)
Received: (qmail 19145 invoked by uid 12); 8 Jan 2001 22:47:44 -0000
Message-ID: <20010108224744.19144.qmail@hyperreal.org>
From: mike@hyperreal.org
Subject: Re: Firewalls on FreeBSD 4.X
In-Reply-To: <3A5A1D9B.271CA825@cotdazr.org> from Ev Batey at "Jan 8, 2001 12:05:47 pm"
To: efbatey@cotdazr.org
Date: Mon, 8 Jan 2001 14:47:44 -0800 (PST)
Cc: freebsd-questions@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL60 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Ev Batey wrote:
> Some people need a lot of guidance. Sorry. To implement NAT, FireWall,
> Masquerading, etc. In a 4.2 dual homed (2 ethernet, seldom on PPP)
> gateway host, do I:
>
> (1) expect any of the OPTIONS in the GENERIC Kernel ?
> like firewall, natd, masq ...

Yes, you do need certain options to be enabled in the kernel
(IPFIREWALL and IPDIVERT).

No, the GENERIC kernel does not come with the necessary options enabled.
You must compile your own kernel. You must also set a few items in
/etc/rc.conf.

See http://www.mostgraveconcern.com/freebsd/ under "Setting up a
dual-homed host". Don't worry about steps 6-9 until you're sure your NAT
is working correctly. And also look at all the handbook and man pages
that are referenced therein.

-Mike
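
Added example, not part of the original message: a small sh audit that reports which of the prerequisites mentioned in the reply are still missing from a custom kernel config and from rc.conf. The rc.conf variable names (gateway_enable, firewall_enable, natd_enable, natd_interface) come from FreeBSD's rc.conf(5), not from the post; the file names and the sample contents in demo are constructed.

```shell
#!/bin/sh
# Audit a kernel config file and an rc.conf for NAT gateway prerequisites.
# Kernel options are the two named in the reply; the rc.conf knobs are an
# assumption taken from rc.conf(5), not from the post.

# Succeeds if the kernel config has an uncommented "options <OPT>" line.
# IPFIREWALL must not be satisfied by IPFIREWALL_VERBOSE and similar.
kernel_has_option() {
    grep -Eq "^[[:space:]]*options[[:space:]]+$2([[:space:]]|#|\$)" "$1"
}

# Succeeds if rc.conf sets <VAR> to YES (quoted or not, any case).
rcconf_enabled() {
    grep -Eiq "^[[:space:]]*$2=\"?yes\"?[[:space:]]*(#.*)?\$" "$1"
}

# Succeeds if rc.conf sets <VAR> to any non-empty value.
rcconf_set() {
    grep -Eq "^[[:space:]]*$2=\"?[^\"[:space:]#]+" "$1"
}

# Prints one line per missing prerequisite; prints nothing when all are set.
missing_nat_prereqs() {
    kernconf=$1 rcconf=$2
    for opt in IPFIREWALL IPDIVERT; do
        kernel_has_option "$kernconf" "$opt" || echo "kernel: options $opt"
    done
    for var in gateway_enable firewall_enable natd_enable; do
        rcconf_enabled "$rcconf" "$var" || echo "rc.conf: $var=\"YES\""
    done
    rcconf_set "$rcconf" natd_interface || echo "rc.conf: natd_interface"
}

# Constructed sample input: IPDIVERT is commented out and natd is not enabled.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'options INET' 'options IPFIREWALL_VERBOSE' \
        'options IPFIREWALL   # packet filter' '#options IPDIVERT' > "$d/GATEWAY"
    printf '%s\n' 'gateway_enable="YES"' 'firewall_enable="YES"' \
        'natd_interface="ed0"' > "$d/rc.conf"
    missing_nat_prereqs "$d/GATEWAY" "$d/rc.conf"
    rm -rf "$d"
}
demo
```

A kernel built with IPFIREWALL and without IPFIREWALL_DEFAULT_TO_ACCEPT denies all traffic until rules are loaded, so run the audit and load a ruleset from the console rather than over the network.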