From owner-freebsd-questions Tue Aug 10 12:33:18 1999 Delivered-To: freebsd-questions@freebsd.org Received: from nisser.com (n2000039.telekabel.chello.nl [212.187.0.39]) by hub.freebsd.org (Postfix) with ESMTP id 40AA315176 for ; Tue, 10 Aug 1999 12:33:05 -0700 (PDT) (envelope-from roelof@nisser.com) Received: from nisser.com (roelof [10.0.0.2]) by nisser.com (8.9.2/8.9.2) with ESMTP id VAA66953; Tue, 10 Aug 1999 21:34:16 +0200 (CEST) (envelope-from roelof@nisser.com) Message-ID: <37B07E47.87BA2924@nisser.com> Date: Tue, 10 Aug 1999 21:32:23 +0200 From: Roelof Osinga Organization: eboa - engineering buro Office Automation X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: elazich@AlaskaAir.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW & NATD References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG elazich@AlaskaAir.com wrote: > > Sorry if this has been asked and answered and if it has just point me > in the right direction. What I want to do is pretty simple, run my > FBSD box as a firewall with a static IP address on the external > interface on a DSL connection. I also have an internal interface which > is on the 10 net work along with about 10 machines behind the firewall. > As I understand it, I have recompiled a kernel with the appropriate > IPFW options (3 of them as I recall) and run natd. The question I have > is this, am I right in running natd on my internal interface? And do I > simply need a IPFW divert rule directing traffic from natd out or am I > completely missing the boat here. Any help is greatly appreciated. No, you must run natd on the public interface. You should also declare a firewall_type, start with open, as well as enable the firewall. Roelof -- Home is where the (@) http://eboa.com/ is. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message