From owner-freebsd-stable@FreeBSD.ORG Mon Jul 31 09:01:58 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F35BA16A4DA for ; Mon, 31 Jul 2006 09:01:57 +0000 (UTC) (envelope-from rodrigo@liralink.com) Received: from bloco-10.gmail.comdominio.com.br (bloco-10.gmail.comdominio.com.br [200.155.11.203]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11E4743D49 for ; Mon, 31 Jul 2006 09:01:56 +0000 (GMT) (envelope-from rodrigo@liralink.com) Received: (qmail 5809 invoked from network); 31 Jul 2006 08:57:56 -0000 Received: from unknown (HELO galicom1) (Authenticatedgmail:rodrigo@liralink.com@[196.202.255.2]) (envelope-sender ) by bloco-10.gmail.comdominio.com.br (qmail-ldap-1.03) with SMTP for ; 31 Jul 2006 08:57:45 -0000 From: "Rodrigo Galiano" To: "'SigmaX asdf'" , "'Igor Robul'" Date: Mon, 31 Jul 2006 10:01:24 +0100 Organization: LIRALINK ASSISTENCIA TECNICA MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Thread-Index: Aca0dEVjqkKhQP0kSJ6LH/LZ2AVY1QACnfbw Message-Id: <20060731090156.11E4743D49@mx1.FreeBSD.org> Cc: freebsd-stable@freebsd.org Subject: RE: Gateway X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rodrigo@liralink.com List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Jul 2006 09:01:58 -0000 Hi, Just add the following lines on rc.conf to get your gateway up and running for the LAN: gateway_enable="YES" natd_enable="YES" natd_flags="-n xxx" (you should replace xxx with your external interface name) firewall_enable="YES" firewall_script="/etc/ipfw.test" (this is to specify firewall script file (don't forget the natd rule on the firewall script). Regards --- Rodrigo Galiano Celestino Consultor de Internet & Sistemas Cellular: +244 923 57 79 72 -----Original Message----- From: owner-freebsd-stable@freebsd.org [mailto:owner-freebsd-stable@freebsd.org] On Behalf Of SigmaX asdf Sent: segunda-feira, 31 de Julho de 2006 8:39 To: Igor Robul Cc: freebsd-stable@freebsd.org Subject: Re: Gateway I take it firewall_type="OPEN" does not include the divert rule? The handbooks reads "The kernel source needs 'option divert' statement added to the other IPFIREWALL statements compiled into a custom kernel." Is this still the case in FreeBSD 6.1? Or am I covered by the IPDIVERT module or something? SigmaX On 7/29/06, Igor Robul wrote: > > On Sat, Jul 29, 2006 at 01:42:41PM -0400, SigmaX asdf wrote: > > >^^^^^^^^^^^^^^^^^^^ > > >Should be natd_enable="YES" > > > > > > Heh; yeah, typo in my post. The file has it ok. Is there something I > have > > to do to specify the interfaces which have nat enabled? Does > natd_enable > > automatically forward any/every packet to any/every interface? > Personally I use ipfilter, but for ipfw/natd you need to specify > "divert" rule. You can find many examples, including ones in FreeBSD > handbook. > _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"