Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 09 Jun 1998 05:55:10 -0400
From:      David Boisvert <David_Boisvert@uqtr.uquebec.ca>
To:        FreeBSD questions <freebsd-questions@FreeBSD.ORG>
Subject:   ipfw & natd problems --> Still in trouble!!!
Message-ID:  <357D067E.41C67EA6@uqtr.uquebec.ca>
next in thread | raw e-mail | index | archive | help 
Hi, I'm still in trouble with natd!!!

>>  I need some assistance and help with the install of ipfw and natd. I
have a P100 with FreeBSD 2.2.6 on it and I also have a 489dx66 with
win3.11 for workgroup. I can telnet from my win3.11 to my FreeBSD box
and myFreeBSD box can ping my 486.

When I try to ping from the 486 I got this with tcpdump:

05:46:52.064899 192.168.1.2 > TRO-RT-7513-A.cgocable.ca: icmp: echo
request
05:46:53.184313 192.168.1.2 > TRO-RT-7513-A.cgocable.ca: icmp: echo
request
05:46:54.680992 192.168.1.2 > TRO-RT-7513-A.cgocable.ca: icmp: echo
request
05:46:56.183755 192.168.1.2 > TRO-RT-7513-A.cgocable.ca: icmp: echo
request

but no reply...



My settings are:


FIREWALL: (like the natd man)

01000 allow ip from any to any via lo0
01010 deny ip from 127.0.0.0/8 to 127.0.0.0/8
65000 allow ip from any to any
65100 divert 6668 ip from any to any via ed1
65200 allow ip from any to any
65535 deny ip from any to any


205.151.62.42   : Cable modem connected to the internet (ed1)
192.168.1.1     : Second ethernet card in the FreeBSD 
                  connected to the 486 (ed2)
192.168.1.2     : Third ethernet card in the 486


In the 486:

IP Adress               192.168.1.2
SubnetMASK              255.255.255.0
Default Gateway         192.168.1.1
Primary Wins Server     1.1.1.1
Secondary Wins Server   1.1.1.1

Enable dns for windows name resolution

dns                     205.151.69.200 (same as my FreeBSD box)

/etc/rc.conf

firewall_enable="YES"         
firewall_type="open"
firewall_quiet="NO" 
gateway_enable="YES"

KERNEL:

options IPFIREWALL                      #code packet filtering
options IPFIREWALL_VERBOSE              #logging packet throught syslogd
options IPFIREWALL_VERBOSE_LIMIT=20     #limits the numbers of packets   
options IPDIVERT                        #for the use of NATD


/etc/services:

natd            6668/divert # Network adress translation socke

Thanks for your reply.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?357D067E.41C67EA6>