From owner-freebsd-questions Mon Dec 9 18:17: 4 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4684E37B401 for ; Mon, 9 Dec 2002 18:17:01 -0800 (PST) Received: from mx20a.rmci.net (mx20a.rmci.net [205.162.184.37]) by mx1.FreeBSD.org (Postfix) with SMTP id B816C43F81 for ; Mon, 9 Dec 2002 18:17:00 -0800 (PST) (envelope-from massey@rmci.net) Received: (qmail 15788 invoked from network); 10 Dec 2002 02:16:54 -0000 Received: from dsl-ip-216-222-2-34.boi.rmci.net (HELO data) (216.222.2.34) by mx20.rmci.net with SMTP; 10 Dec 2002 02:16:54 -0000 From: "Mike" To: "'Fernando Gleiser'" Cc: Subject: RE: IPNAT help --Thank You Date: Wed, 18 Dec 2002 19:45:58 -0700 Message-ID: <001501c2a708$c29c37f0$2202ded8@data> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 In-Reply-To: <20021209112136.Y5604-100000@cactus.fi.uba.ar> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ahh so that's why it would not work THANK YOU!! All that replied. Is there a place or book where I can dig into this more on what I can use with what like you mentioned? Thanks M;) -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of Fernando Gleiser Sent: Monday, December 09, 2002 7:26 AM To: Mike Cc: freebsd-questions@freebsd.org Subject: Re: IPNAT help On Tue, 17 Dec 2002, Mike wrote: > Trying to setup a small local network off of my DSL. Currently I use a > different OS to do this but I am switching, or trying to.. > > I am using IPNAT and have added all of the options to redo the kernel. > options INET #InterNETworking > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > options IPSTEALTH > options TCP_RESTRICT_RST > options INET6 #IPv6 communications protocols If you use ipnat, you need "options IPFILTER", and drop all "options IPFIREWALL*" and IPDIVERT > > Recompiled and setup my firewall - Works great. Next went after ipnat > and natd (Note some of these I do not need I think but which ones?) I > need a clear step by step on this if someone has one. If you use ipfilter, use ipnat. if you use ipfw, use natd. > > My RC.CONF with IP changed > # -- sysinstall generated deltas -- # Sat Nov 30 16:10:02 2002 # > Created: Sat Nov 30 16:10:02 2002 # Enable network daemons for user > convenience. # Please make all changes to this file, not to > /etc/defaults/rc.conf. # This file now contains just the overrides > from /etc/defaults/rc.conf. #My ADSL router > defaultrouter="216.0.0.33" > ipfilter_enable="YES" > ipnat_anabled="YES" that should be ipnat_enable > natd_enable="YES" > natd_interface="fpx0" > natd_flags="-f /etc/natd.conf" > gateway_enable="YES" > hostname="myhost.myhost.us" > ifconfig_fxp0="inet 216.0.0.35 netmask 255.255.255.248" > ifconfig_xl0="inet 192.168.0.2 netmask 255.255.255.0" > inetd_enable="NO" ipv6_enable="YES" > kern_securelevel_enable="NO" > linux_enable="YES" > nfs_reserved_port_only="YES" > sendmail_enable="YES" > sshd_enable="YES" > usbd_enable="YES" > #required for ipfw support > firewall_enable="YES" > #firewall_script="/etc/ipfw.rules" > firewall_script="/etc/rc.firewall" > firewall_type="simple" > firewall_quiet="NO" #change to YES once happy with rules > firewall_logging_enable="YES" > #extra firewalling options > log_in_vain="YES" > tcp_restrict_rst="YES" > icmp_drop_redirect="YES" > > Next added my ipnat.conf file > > map fxp0 192.168.0.0/24 -> 216.222.2.35/29 portmap tcp/udp 10000:65000 by default, ipnat looks for the rules in /etc/ipnat.rules. Move the file or tweak the ipnat_rules var in rc.conf Hope this helps Fer > > So pick it apart and point me in the right direction if possible. I am > continuing to try and make it work... > > Thanks > > PS - This is my First post on anything in FreeBSD, the rest from MySQL > to SSHD SSL Apache PHP Webmin all went great! > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message