From owner-freebsd-questions Mon Jan 27 20:56:12 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6D47C37B401 for ; Mon, 27 Jan 2003 20:56:10 -0800 (PST) Received: from mail.adelphia.net (pa-plum1b-166.pit.adelphia.net [24.53.161.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id C63F243F43 for ; Mon, 27 Jan 2003 20:56:08 -0800 (PST) (envelope-from wmoran@potentialtech.com) Received: from potentialtech.com ([172.16.0.95]) by mail.adelphia.net (8.12.3/8.12.3) with ESMTP id h0S4vViE007147; Mon, 27 Jan 2003 23:57:31 -0500 (EST) (envelope-from wmoran@potentialtech.com) Message-ID: <3E360DA2.2090007@potentialtech.com> Date: Mon, 27 Jan 2003 23:57:06 -0500 From: Bill Moran User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20021127 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Asenchi Cc: "freebsd-questions@FreeBSD. ORG" Subject: Re: Firewall + DHCP (STILL) References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Asenchi wrote: >>What do you mean by "not able to _keep_ a connection"? Are you saying that >>your DHCP addy expires and can't be renewed? Or is there something more to >>the problem (i.e., the link layer connection fails?) > > It won't pick up an ip from my provider. When I boot up, ifconfig in dmesg > shows an ip, but nothing will connect. If I do an 'ifconfig -a' it will > show up 0.0.0.0. OK, that clears that up. >>To clarify: >>if you type: >>killall dhclient >>ifconfig vr0 inet 10.1.1.1 netmaks 255.0.0.0 >>ifconfig >>Does it display the 10.1.1.1 address, or is there still no ip addy on >>vr0? > > Yes I can configure it for an address...I think it has something to do with > dhclient. Ok, so it appears as though the NIC and the driver are working ... >>${fwcmd} add 0200 allow all from any to any > >>If this is truely the firewall rules you are using, then every rule after >>this one is redundant, as this constitutes an "open" firewall, which is >>almost the same as no firewall at all (except for the divert rule). > > Yes I am aware of this. I have it in there to try and get a connection. It > normally isn't in there. Gotcha, so for now we're ruling out the firewall as a problem, good strategy. > #vi /etc/rc.conf > # -- sysinstall generated deltas -- # Thu Nov 14 10:01:53 2002 > # Created: Thu Nov 14 10:01:53 2002 > # Enable network daemons for user convenience. > # Please make all changes to this file, not to /etc/defaults/rc.conf. > # This file now contains just the overrides from /etc/defaults/rc.conf. > #Network Stuff > hostname="world.attbi.com" Try adding a line at this point in the file (actually, I don't think it really matters exactly _where_ you put it in the file) network_interfaces="vr0 rl0 lo0" And see if things start acting nicer. This may solve the problem, let me know either way. > ifconfig_vr0="DHCP" > ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0" > ifconfig_lo0="inet 127.0.0.1 netmask 255.0.0.0" > gateway_enable="YES" -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message