Date: Tue, 14 Oct 2008 14:40:01 +0300 From: Manolis Kiagias <sonic2000gr@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system Message-ID: <48F48511.2020708@gmail.com> In-Reply-To: <87iqrvijcn.fsf@thingy.bsdly.net> References: <48F43EB1.40304@gmail.com> <87iqrvijcn.fsf@thingy.bsdly.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter N. M. Hansteen wrote: > Manish Jain <unxfbsdi@gmail.com> writes: > > >> I am poor at networking and need a little bit of help. My dad has a >> Windows 2000 machine with a network card but does not have a connection >> to the internet. >> > > When I started writing this, I thought that system had been abandoned > already, but it appears Microsoft will offer a measure of support > through next year sometime. Do see that the system gets properly > updated before you put it on the net. > > >> My freebsd 6.2 box is connected to the internet and has >> 2 network cards, rl0 and rl1. rl0 connects to the ISP and rl1 is >> directly connected via a long Ethernet cable to the NIC on my dad's >> machine. While I can access the internet easily, I want my dad to be >> able to connect to the internet with my freebsd box serving as the >> gateway. Can anyone please explain to me in easy steps how to accomplish >> this ? >> > > The keyword is that you need to set up your machine as a gateway. > There are numerous guides available on how to do that (including the > FreeBSD Handbook (free, online and likely already on your system) my > PF tutorial (http://home.nuug.no/~peter/pf/) contains more than a few > hints, as do several books available at better bookstores), but I > would recommend that you pick literature that enables you to learn the > basics of TCP/IP as well as the actual commands needed. Looking into > packet filtering for basic protection won't hurt either. With those > keywords in hand, you should be able to dig up something useful. > > - Peter > Inspired by this discussion (and just replying to a random post) I tried for the first time to get a test machine as a gateway. I tried the handbook's instructions, here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html These work flawlessly, you will need to recompile your kernel though. The rest of the setup is relatively simple. I am more accustomed to using pf rather than IPFW though, and as I wanted to test this on my main system, I came up with this setup: /etc/rc.conf pf_enable="YES" pf_rules="/etc/pf.conf" pf_flags="" gateway_enable="YES" (Run sysctl net.inet.ip.forwarding=1 *and* /etc/rc.d/routing restart if you do not wish to reboot after modifying rc.conf) I added this rule before the filtering rules section in my /etc/pf.conf: nat pass on rl1 from rl0:network to any -> rl1 (This is an excellent read: http://www.openbsd.org/faq/pf/ ) where rl1 is the Internet-facing card, and rl0 is the local network one. Also added a few simple rules to allow traffic from rl0 as I am normally using pf for firewalling. This also worked nicely, and has the added advantage of not having to recompile the kernel. So the OP has quite a few options, and it may prove not to be very difficult after all.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48F48511.2020708>