From owner-freebsd-questions Tue Feb 20 1:15:45 2001
Date: Tue, 20 Feb 2001 01:15:19 -0800
From: "Crist J. Clark"
To: Robert Daniels
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: NATD&GATEWAY PROBLEMS
Message-ID: <20010220011519.X62368@rfx-216-196-73-168.users.reflex>
Reply-To: cjclark@alum.mit.edu
References: <009c01c09a78$f7833ca0$43701518@cx628451A>
In-Reply-To: <009c01c09a78$f7833ca0$43701518@cx628451A>; from rdaniels38@home.com on Mon, Feb 19, 2001 at 06:36:30AM -0700

On Mon, Feb 19, 2001 at 06:36:30AM -0700, Robert Daniels wrote:
> Hello, my name is Robert. I am trying to configure my FreeBSD 4.0 as a gateway. I have a 3 computer network. My ISP is cox@home. (Cable Modem)
>
> Computer 1 name is FOO (will serve as gateway)
> Computer 2 name is BAR (Running Free BSD 4.0)
> Computer 3 name is BAZ(Running Dual Boot Win2000 Professional & Red Hat Linux 7.0)
>
> I compiled IPFIREWALL, IPDIVERT, IPFIREWALL_VERBOSE, and IPFIREWALL_DEFAULT_TO_ACCEPT in my Kernel on computer FOO.
>
> I put the following lines in my rc.conf file on computer FOO
>
> hostname="CX628451-A"
> ifconfig_dc0"inet 192.168.1.1 netmask 255.255.255.0" # Private IP =
> ifconfig_dc1"inet 24.21.112.xxx netmask 255.255.255.0" # Public IP =
> gateway_enable="YES"
> defaultrouter="24.21.112.1" # Gateway for my ISP.
> natd_enable="YES"
> natd_interface="dc1"
> natd_flags"-l -u -s -m" =
> firewall_enable="YES"
> firewall_type="OPEN"

I'll assume those are typos?

> The rc.conf file on BAR looks as follows.
>
> hostname="BAR"
> ifconfig_x10="inet 192.168.1.2 netmask 255.255.255.0" # Private non-routable IP
> defaultrouter="192.168.1.1"
> gateway_enable"NO" =

Oops. Another.

[could you try wrapping your text at about 72 characters or so?]

> With this setup I am able to ping computer FOO from computer BAR. I am able to ping both private and public addresses. I am also able to ping FOO defaultrouter IP and DNS IP that I have set in resolv.conf. But I am unable to ping an address out on the internet on computer BAR.

This is strange. BAR can ping the external router and the DNS servers,
but it cannot reach "out on the Internet?" As far as BAR is concerned,
the external router and DNS server would be out on the Internet.

On FOO, run,

  # tcpdump -n -idc0 'icmp'

And,

  # tcpdump -n -idc1 'icmp'

While you try to ping something on the Internet from BAR. Make sure
the packets are getting aliased correctly.

> Of course I am able to ping address on the internet with computer FOO. I can telnet into Foo via BAR and vice versa. I also verified that the line natd 8668/divert was present in /etc/services.

Looks like all of the local nets and your connection to the 'Net are
OK.
-- 
Crist J. Clark                           cjclark@alum.mit.edu
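
Added example, not part of the original message: one way to compare the two tcpdump captures suggested above and confirm that natd is rewriting BAR's private source address on the outside interface. The function names, the captures, 198.51.100.7 and 203.0.113.10 (standing in for FOO's public address, which is elided in the thread) are all constructed for illustration.

```python
import ipaddress
import re

# tcpdump -n prints "IP a > b: ICMP echo request, ..." (current releases)
# or "a > b: icmp: echo request" (older releases); accept both.
ECHO = re.compile(r"(?:IP )?(\d+(?:\.\d+){3}) > (\d+(?:\.\d+){3}): "
                  r"(?:ICMP|icmp:) echo (request|reply)")

def echoes(capture):
    """Return (src, dst, kind) for each ICMP echo line in tcpdump text."""
    return [m.groups() for m in map(ECHO.search, capture.splitlines()) if m]

def check_aliasing(inside, outside, lan, public_ip):
    """Compare captures from the inside (dc0) and outside (dc1) interfaces."""
    net = ipaddress.ip_network(lan)

    def private(addr):
        return ipaddress.ip_address(addr) in net

    ins, outs = echoes(inside), echoes(outside)
    # A LAN address on the outside wire means the packet bypassed natd.
    findings = [f"private address on outside interface: {s} > {d} ({k})"
                for s, d, k in outs if private(s) or private(d)]
    sent = [p for p in ins if p[2] == "request" and private(p[0])]
    aliased = [p for p in outs if p[2] == "request" and p[0] == public_ip]
    back = [p for p in outs if p[2] == "reply" and p[1] == public_ip]
    delivered = [p for p in ins if p[2] == "reply" and private(p[1])]
    if sent and not aliased:
        findings.append("requests never leave with the public source address")
    elif aliased and not back:
        findings.append("aliased requests leave but no replies come back")
    elif back and not delivered:
        findings.append("replies reach the gateway but are not passed to the LAN host")
    return findings

# Constructed sample captures (not real traffic).
DC0 = """\
01:20:00.100 IP 192.168.1.2 > 198.51.100.7: ICMP echo request, id 1, seq 0, length 64
01:20:00.140 IP 198.51.100.7 > 192.168.1.2: ICMP echo reply, id 1, seq 0, length 64
"""
DC1_OK = """\
01:20:00.101 IP 203.0.113.10 > 198.51.100.7: ICMP echo request, id 1, seq 0, length 64
01:20:00.139 IP 198.51.100.7 > 203.0.113.10: ICMP echo reply, id 1, seq 0, length 64
"""
DC0_REQ = DC0.splitlines()[0]            # request only, no reply delivered
DC1_LEAK = DC0_REQ                       # same packet leaves dc1 un-aliased

if __name__ == "__main__":
    print(check_aliasing(DC0, DC1_OK, "192.168.1.0/24", "203.0.113.10"))
    print(check_aliasing(DC0_REQ, DC1_LEAK, "192.168.1.0/24", "203.0.113.10"))
```

An empty list means the request left dc1 with the public source address and the reply was handed back to the LAN host; any finding names the hop at which the translation stopped.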