From owner-freebsd-questions Mon Mar 12 16:33:35 2001 Delivered-To: freebsd-questions@freebsd.org Received: from femail3.rdc1.on.home.com (femail3.rdc1.on.home.com [24.2.9.90]) by hub.freebsd.org (Postfix) with ESMTP id 8940537B71B for ; Mon, 12 Mar 2001 16:33:31 -0800 (PST) (envelope-from danyc@playground.net) Received: from playground.net ([24.157.54.46]) by femail3.rdc1.on.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010313003258.WYQS6398.femail3.rdc1.on.home.com@playground.net>; Mon, 12 Mar 2001 16:32:58 -0800 Message-ID: <3AAD6ADA.891CF369@playground.net> Date: Mon, 12 Mar 2001 19:33:30 -0500 From: Dany Cayouette X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Tymanthius Rune Speak , freebsd-questions@freebsd.org Subject: Re: More NATD/IPFW woes . . . References: <20010313000639.4798.qmail@nwcst284.netaddress.usa.net> <3AAD693C.C11E6A3E@playground.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Oops! it send too fast. Couple of other things I could suggest. Keep the firewall open initially to debug your connectivity problem. In my /etc/rc.conf I have: firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="ep0" (This is the 'public' interface aka facing your provider. In your case, ed0 or ed1) From a host on your private/home LAN, you should be able to ping both interface on the FreeBSD box. This would indicate the routing on the FBSD box is OK. In my kernel, I have options IPFIREWALL options IPDIVERT defined. Again, hope this helps Dany Dany Cayouette wrote: > Not sure how much experience you have with FreeBSD. I got this setup working > at home. Which version of FreeBSD are you running? Is your dual-NIC box set > to forward IP packets? Is other words what is the value of the command > > sysctl net.inet.ip.forwarding > > This kernel variable should be set to 1 > > sysctl net.inet.ip.forwarding=1 > > To make this change happen at boot up, I think you need > gateway_enable="YES" in your /etc/rc.conf file. > > Hope this helps > Dany > > Tymanthius Rune Speak wrote: > > > Ok, I'm REALLY frustrated now. > > > > This is what I found out over the weekend: > > > > Take the GENERIC kernel config file. > > cp GENERIC 2NicKern > > edit 2NicKern so that ed0 line has settings for MY ed0. > > Add ed1 line that matches my ed1. > > > > config 2NicKern > > make depend -j4 > > make -j4 > > make install -j4 > > > > Can ping intra- & inter-nets from bsd box. > > intranet can not ping internet. > > > > make clean > > > > edit 2NicKern to add > > options IPFIREWALL > > options IPDIVERT > > > > config 2NicKern > > make depend -j4 > > make -j4 > > make install -j4 > > > > Now can not talk to internet, intra still works fine. Even if running fully > > open ipfw rules > > > > comment out > > options IPFIREWALL > > > > config 2NicKern > > make depend -j4 > > make -j4 > > make install -j4 > > > > Same as before. > > > > edit out > > options IPDIVERT > > put back in > > options IPFIREWALL > > > > config 2NicKern > > make depend -j4 > > make -j4 > > make install -j4 > > > > Same problem. > > > > I'm about ready to scream . . . > > > > If I at least knew why the internet was going away, I'd have a place to > > start. > > > > > > ____________________________________________________________________ > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message