From owner-freebsd-questions  Mon Mar 23 17:41:59 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA06089
          for freebsd-questions-outgoing; Mon, 23 Mar 1998 17:41:59 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA06080
          for <freebsd-questions@FreeBSD.ORG>; Mon, 23 Mar 1998 17:41:53 -0800 (PST)
          (envelope-from dan@dpcsys.com)
Received: from localhost (dan@localhost) by java.dpcsys.com (8.8.7/8.8.5) with SMTP id RAA01755; Mon, 23 Mar 1998 17:41:49 -0800 (PST)
Date: Mon, 23 Mar 1998 17:41:49 -0800 (PST)
From: Dan Busarow <dan@dpcsys.com>
To: erron jett <erron@hotmail.com>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: need routing help
In-Reply-To: <19980323231235.6680.qmail@hotmail.com>
Message-ID: <Pine.BSF.3.96.980323172450.881H-100000@java.dpcsys.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 23 Mar 1998, erron jett wrote:
> heres the info for the nics
> ed0  (isp, static)
> ip        24.1.88.xx
> gateway   24.1.88.1
> subnet    255.255.255.0
> 
> edi  (local)
> ip       208.202.105.xx
> gateway  208.202.105.1
> subnet   255.255.255.255

Since 208.202.105.0 is in UUNet's address space this wouldn't work
even if you did have your routing working. (Return packets
would go to UUNet)

Switch to RFC1918 addresses internally (ie 192.168.0.0-192.168.255.255)
and use natd.

You need to compile a kernel with options IPFIREWALL and IPDIVERT

Then enable the firewall in rc.conf with

firewall_enable="YES"
firewall_type="open"            # Set to firewall type or NO for none.
firewall_quiet="NO"             # Set to firewall type or NO for none.

You can change firewall_type to something other that "open"
*after* you get the rest working.

You apparently already have gateway_enable="YES" or you wouldn't
be able to ping ed0 from the inside.

Finally run natd to handle the translation from private addresses
to your @Home address, here's what I run

/usr/sbin/natd -s -m -u -interface ed0

That should get you up.  You do not need to make any manual
entries in the routing table, ifconfig will take care of that
for you.

If you run into problems do a search on natd using the freebsd.org
mailing list search engine.

Dan
-- 
 Dan Busarow                                                  714 443 4172
 DPC Systems / Beach.Net                                    dan@dpcsys.com
 Dana Point, California  83 09 EF 59 E0 11 89 B4   8D 09 DB FD E1 DD 0C 82


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message