From owner-freebsd-questions  Tue Nov 24 00:58:27 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA25033
          for freebsd-questions-outgoing; Tue, 24 Nov 1998 00:58:27 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from chippie.cgu.nl (chippie.cgu.nl [145.101.220.7])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA25025
          for <freebsd-questions@FreeBSD.ORG>; Tue, 24 Nov 1998 00:58:25 -0800 (PST)
          (envelope-from psd@cgu.nl)
Received: from localhost (psd@localhost)
	by chippie.cgu.nl (8.8.7/8.8.7/psd) with SMTP id KAA06322;
	Tue, 24 Nov 1998 10:00:21 +0100 (CET)
Date: Tue, 24 Nov 1998 10:00:20 +0100 (CET)
From: Paul Dekkers <psd@cgu.nl>
X-Sender: psd@chippie.cgu
To: Dan Busarow <dan@dpcsys.com>
cc: FreeBSD Mailinglist <freebsd-questions@FreeBSD.ORG>
Subject: Re: natd: what's wrong?
In-Reply-To: <Pine.BSF.3.96.981123120443.27435K-100000@java.dpcsys.com>
Message-ID: <Pine.BSF.3.96.981124095858.6215A-100000@chippie.cgu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 23 Nov 1998, Dan Busarow wrote:

| >               _____
| >   clients -- |ed1  |
| > 192.168.5.x  |     |
| >              |__xl0| -- internet (public address)
| > 
| > with the following ifconfig's on the server:
| > xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
| >         inet (public address) netmask 0xffffff00 broadcast XXX.XXX.XXX.255
| >         inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
| 
| Do you need the net 10 address bound to the interface?  If not,
| get rid of it.  I can imagine it causing some confusion for natd
| 
| > ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
| >         inet 192.168.5.1 netmask 0xffffff00 broadcast 192.168.5.255
| > 
| > Now I have the following firewall:
| > 00100 divert 8668 ip from 192.168.0.0/16 to any via (public address)
| > 65535 allow ip from any to any
| > 
| > and natd running with:
| > natd -a (public address)
| 
| I use natd -s -m -u -interface xl0
| 
| > But; it doesn't work?! What's wrong?
| 
| Do you have IP forwarding enabled in rc.conf?  What firewall type
| do you have in rc.conf?

Yes, however forward_sourceroute=NO, is that wrong?
I have no firewall in rc.conf
I have a default policy to enable all trafic, and in rc.local I have my
divert rule...

Paul

--
Paul Dekkers 
E-Mail: <P.Dekkers@cgu.nl>
To err is human, to moo bovine


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message