From owner-freebsd-stable Tue Nov 14 4:44: 9 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from madness.mdgnet.org (unknown [24.92.156.65]) by hub.freebsd.org (Postfix) with SMTP id 6CEDF37B479 for ; Tue, 14 Nov 2000 04:44:06 -0800 (PST)
Received: (qmail 7856 invoked by uid 1000); 14 Nov 2000 12:44:05 -0000
Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 14 Nov 2000 12:44:05 -0000
Date: Tue, 14 Nov 2000 07:44:05 -0500 (EST)
From: Matthew George
To: Wim Olivier
Cc: FreeBSD-stable
Subject: Re: IPFW issue on FBSD 4.0-REL
In-Reply-To: <3A111F5B.6E7EBDD@osiricom.co.za>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

correct

you need a divert rule for natd ... something along the lines of:

    add 100 divert natd ip from any to any via

see /etc/rc.firewall, natd(8)

On Tue, 14 Nov 2000, Wim Olivier wrote:

> Date: Tue, 14 Nov 2000 13:17:48 +0200
> From: Wim Olivier
> To: FreeBSD-stable
> Subject: IPFW issue on FBSD 4.0-REL
>
> Hi everyone,
>
> Made some progress now.
>
> I set firewall_enable to NO in /etc/rc.conf and reboot the system.
> When it comes up no ipfw rules are loaded. I then load the following
> rule:
>
> My IPFW rules now look like this: (and it works) - BUT I can only access
> the Net from the BSD box itself!
>
> 65001 2027 133645 allow ip from any to any via any
> 65535 110 8824 deny ip from any to any
>
> No LAN PCs are able to get past the BSD nat nic.
>
>
> --
> Kind Regards,
>
> Wim Olivier
> Principal Consultant - UNIX Systems
> Professional Services (Africa & Middle East)
> OSIRICOM Holdings (Pty) Ltd. - South Africa
> Mobile : +27 (0) 82 6553599 http://www.osiricom.co.za
> Tel : +27 11 802 7415
> Fax : +27 11 802 5853
>
>

--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
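Added example, not part of the original thread and not FreeBSD's own code: ipfw stops at the first matching rule, so a divert rule for natd only helps if it is evaluated before any catch-all allow or deny. This Python check reads `ipfw show` or `ipfw list` output and reports whether that holds. The function names, the interface name ed0 and the two rulesets marked as constructed are assumptions; 8668 is natd's default divert port.

```python
import re
import sys

TERMINAL = {"allow", "accept", "pass", "permit", "deny", "drop", "reject"}
CATCH_ALL = re.compile(r"^(ip|all) from any to any( via any)?$")

# Ruleset quoted in the post above.
FROM_POST = """65001 2027 133645 allow ip from any to any via any
65535 110 8824 deny ip from any to any"""
# Constructed samples: ed0 is a placeholder interface name.
WITH_DIVERT = "00100 0 0 divert 8668 ip from any to any via ed0\n" + FROM_POST
SHADOWED = ("00050 0 0 allow ip from any to any\n"
            "00100 0 0 divert 8668 ip from any to any via ed0\n" + FROM_POST)


def parse_rules(text):
    """Parse a ruleset dump into sorted (number, action, body) tuples."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or not fields[0].isdigit():
            continue
        number, rest = int(fields[0]), fields[1:]
        # `ipfw show` prints packet and byte counters before the action.
        while rest and rest[0].isdigit():
            rest = rest[1:]
        if rest:
            rules.append((number, rest[0], " ".join(rest[1:])))
    return sorted(rules)


def check_divert(text):
    """Return 'ok', 'no-divert' or 'divert-shadowed' for a ruleset dump."""
    rules = parse_rules(text)
    for _number, action, body in rules:
        if action == "divert":
            return "ok"  # reached before any unconditional terminal rule
        if action in TERMINAL and CATCH_ALL.match(body):
            break  # first match wins: later rules never see the packet
    if any(action == "divert" for _n, action, _b in rules):
        return "divert-shadowed"
    return "no-divert"


if __name__ == "__main__":
    # Usage: ipfw show | python check_divert.py
    data = sys.stdin.read() if not sys.stdin.isatty() else FROM_POST
    print(check_divert(data))
```

A result of "ok" only means a divert rule is reachable; it does not check that natd is running or bound to the right interface.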