From: "David B. Aas"
Subject: RE: IPFW & NATD
Date: Tue, 10 Aug 1999 14:54:59 -0500
Message-ID: <002901bee36a$3b0e8b40$0fc8a8c0@dave.ciminot.com>
Sender: owner-freebsd-questions@FreeBSD.ORG

I would suggest you get the book "The Complete FreeBSD" by Greg Lehey. It is a good starting point to figure out what you need to do next. Also check the Web site at http://www.freebsd.org . This has lots of good information to do a firewall. I find the FreeBSD'zine to also be a good reference.

Dave Aas
dave@ciminot.com

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
> elazich@AlaskaAir.com
> Sent: Tuesday, August 10, 1999 2:45 PM
> To: roelof@nisser.com
> Cc: freebsd-questions@FreeBSD.ORG
> Subject: Re: IPFW & NATD
>
> Yes, sorry I meant on the public interface, so that's all there is to
> it? Just set up a rule for my firewall to divert packets and my
> internal hosts can access internet hosts? What about DNS, do I/can I
> set up dual level DNS so my internal hosts can resolve amongst
> themselves and can also forward request from the internal DNS server
> to the one running on the public interface.
>
> Eli
>
> roelof@nisser.com writes:
> >elazich@AlaskaAir.com wrote:
> >>
> >> Sorry if this has been asked and answered and if it has just point me
> >> in the right direction. What I want to do is pretty simple, run my
> >> FBSD box as a firewall with a static IP address on the external
> >> interface on a DSL connection. I also have an internal interface which
> >> is on the 10 network along with about 10 machines behind the firewall.
> >> As I understand it, I have recompiled a kernel with the appropriate
> >> IPFW options (3 of them as I recall) and run natd. The question I have
> >> is this, am I right in running natd on my internal interface? And do I
> >> simply need an IPFW divert rule directing traffic from natd out or am I
> >> completely missing the boat here. Any help is greatly appreciated.
> >
> >No, you must run natd on the public interface. You should also declare
> >a firewall_type, start with open, as well as enable the firewall.
> >
> >Roelof
> >
> >--
> >Home is where the (@) http://eboa.com/ is.
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-questions" in the body of the message
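
The setup Roelof describes in the thread above (natd on the public interface, the firewall enabled, a firewall_type declared), as an added example that is not part of the original messages: a small sh check that audits an rc.conf for those settings. The interface names fxp0 and fxp1, the sample files, and the gateway_enable check are assumptions that do not come from the thread.

```sh
#!/bin/sh
# Added example: audit an rc.conf against the advice in this thread.
# rc.conf is a file of sh variable assignments, so it is sourced in a subshell.

is_yes() { case "$1" in [Yy][Ee][Ss]) return 0 ;; *) return 1 ;; esac; }

# check_nat_rc FILE PUBLIC_IF: print one line per problem; return 0 if none.
check_nat_rc() (
    unset gateway_enable firewall_enable firewall_type natd_enable natd_interface
    . "$1" || exit 2
    fail=0
    is_yes "$gateway_enable"  || { echo "gateway_enable: forwarding is off"; fail=1; }
    is_yes "$firewall_enable" || { echo "firewall_enable: ipfw is not enabled"; fail=1; }
    [ -n "$firewall_type" ]   || { echo "firewall_type: not declared"; fail=1; }
    is_yes "$natd_enable"     || { echo "natd_enable: natd is not started"; fail=1; }
    [ "$natd_interface" = "$2" ] ||
        { echo "natd_interface: '$natd_interface' is not the public interface '$2'"; fail=1; }
    exit "$fail"
)

# Constructed samples. fxp0 (public, DSL) and fxp1 (internal) are assumed names.
write_samples() {
    cat > "$1/wrong.conf" <<'EOF'
gateway_enable="YES"
firewall_enable="YES"
natd_enable="YES"
natd_interface="fxp1"    # internal interface: the mistake asked about in the thread
EOF
    cat > "$1/right.conf" <<'EOF'
gateway_enable="YES"     # assumption: not mentioned in the thread, needed to forward
firewall_enable="YES"
firewall_type="open"     # the starting point suggested in the thread
natd_enable="YES"
natd_interface="fxp0"    # public interface
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
for f in wrong right; do
    echo "== $f.conf"
    check_nat_rc "$dir/$f.conf" fxp0 && echo "ok"
done
rm -rf "$dir"
```

The "open" firewall_type passes all traffic, so it only confirms that NAT works; it is the starting point named in the thread, not a finished ruleset.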