Date:      Thu, 17 Jan 2002 14:13:15 -0800 (PST)
From:      Flemming Frøkjær <flemming@froekjaer.org>
To:        ipfw@freebsd.org
Subject:   ipfw and nat
Message-ID:  <1011305595.3c474c7ba1e17@greystork.com>


I can't get through my firewall.
If I try to ping the firewall or anything outside I get no response, and if I
try to ping from the firewall to an IP behind it I get a permission denied, or
something like that.
I tried to grab a web page outside the firewall, and it seemed like after
dropping a lot of the packages I got something through, but it was only a small
fragment of the packages.
Any hints as to what I'm doing wrong would be most welcome.

/Flemming

Kernel is 4.5RC and I have added:
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPDIVERT

In rc.conf I have:
ifconfig_fxp0="inet xxx.xxx.xxx.xxx netmask 255.255.255.252"
ifconfig_fxp0="inet 192.168.111.1 netmask 255.255.255.0"
defaultrouter="xxx.xxx.xxx.xxy"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="simple"
natd_enable="YES"
natd_interface="fxp0"

If I set the firewall_type to open then I can get out, but I would like a little
more security than that.

In rc.firewall I have edited the following:
oif="fxp0"
onet="xxx.xxx.xxx.xxz"
omask="255.255.255.252"
oip="xxx.xxx.xxx.xxx"

iif="fxp1"
inet="192.168.111.0"
imask="255.255.255.0"
iip="192.168.111.1"
Everything else is left to default.
