From owner-freebsd-questions Mon Jun 8 17:07:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA09793 for freebsd-questions-outgoing; Mon, 8 Jun 1998 17:07:45 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.force9.co.uk [195.166.136.63]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA09533 for ; Mon, 8 Jun 1998 17:05:30 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.org (8.8.8/8.8.8) with ESMTP id AAA17886; Tue, 9 Jun 1998 00:59:16 +0100 (BST) (envelope-from brian@gate.lan.awfulhak.org) Message-Id: <199806082359.AAA17886@awfulhak.org> X-Mailer: exmh version 2.0.1 12/23/97 To: David Boisvert cc: FreeBSD questions Subject: Re: ipfw & natd problems In-reply-to: Your message of "Mon, 08 Jun 1998 17:46:34 EDT." <357C5B79.446B9B3D@uqtr.uquebec.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 09 Jun 1998 00:59:15 +0100 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You'll need to ``divert'' packets to natd in your firewall rules as described in the man page. > Hi, > > I need some assistance and help with the install of ipfw and natd. I > have a P100 with FreeBSD 2.2.6 on it and I also have a 489dx66 with > win3.11 for workgroup. I can telnet from my win3.11 to my FreeBSD box > and myFreeBSD box can ping my 486. > > My settings are: > > 205.151.62.42 : Cable modem connected to the internet (ed1) > 192.168.1.1 : Second ethernet card in the FreeBSD > connected to the 486 (ed2) > 192.168.1.2 : Third ethernet card in the 486 > > > In the 486: > > IP Adress 192.168.1.2 > SubnetMASK 255.255.255.0 > Default Gateway 192.168.1.1 > Primary Wins Server 1.1.1.1 > Secondary Wins Server 1.1.1.1 > > Enable dns for windows name resolution > > dns 205.151.69.200 (same as my FreeBSD box) > > /etc/rc.conf > > firewall_enable="YES" > firewall_type="open" > firewall_quiet="NO" > gateway_enable="YES" > > KERNEL: > > options IPFIREWALL #code packet filtering > options IPFIREWALL_VERBOSE #logging packet throught syslogd > options IPFIREWALL_VERBOSE_LIMIT=20 #limits the numbers of > packets #logged throught > syslogd on a #per day > basis > options IPDIVERT #for the use of NATD > > > FIREWALL: > > 01000 allow ip from any to any via lo0 > 01010 deny ip from 127.0.0.0/8 to 127.0.0.0/8 > 65000 allow ip from any to any > 65535 deny ip from any to any > > > /etc/services: > > natd 6668/divert # Network adress translation socke > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- Brian , , Don't _EVER_ lose your sense of humour.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message