From: Freeco
To: freebsd-questions@freebsd.org
Date: Thu, 17 Sep 2009 08:27:45 -0700 (PDT)
Message-ID: <25491958.post@talk.nabble.com>
Subject: IPF, NAT or NIC

I'm new to BSD. I installed FreeBSD 7.2 and want to use it as a gateway with IPF and NAT. I have 2 NICs, fxp0 and rl0. When I booted up my PC I got a message "gateway kernel: arp xxx.xxx.88.17 is on fxp0 but got reply from rl0".
My configuration files look like this:

----rc.conf----
clear_tmp_enable="YES"
hostname="gateway.fbsdfreeco.com"
ifconfig_fxp0=" inet xxx.xxx.88.20 netmask 255.255.255.240"
gateway_enable="YES"
ipfilter_enable="YES"
ipmon_enable="YES"
ipmon_flags="-Ds"
ipnat_enable="YES"
ipnat_rules="/etc/ipnat.rules"
ifconfig_rl0="inet 192.168.1.2 netmask 255.255.255.0"
defaultrouter="xxx.xxx.88.17"

----resolv.conf----
search xxx.xxx.88.17
nameserver xxx.xxx.88.17
nameserver xxx.xxx.xxx.xxx

----ipf.loadrules.sh----
oif="fxp0"
odns="xxx.xxx.88.17"
myip="xxx.xxx.88.20"
ks="keep state"
fks="flags S keep state"
/sbin/ipf -Fa -f - << EOF
pass out quick on $oif proto tcp from any to $odns port = 53 $fks
pass out quick on $oif proto udp from any to $odns port = 53 $ks
pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port = 80 $fks
pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port = 443 $fks
EOF

----ipnat.rules----
map fxp0 192.168.1.0/16 -> xxx.xxx.88.20/32
rdr fxp0 0.0.0.0/0 -> xxx.xxx.88.20
map fxp0 192.168.0.0/16 -> 0/32 proxy port 21 ftp/tcp
map fxp0 0.0.0.0/0 -> 0/32
map fxp0 192.168.0.0/16 -> 0/32
-----------------------------------

ISP Gateway<-fxp0--ping-ok--->My Gateway<-rl0-LAN-->Switch<---ping-ok>---pc

ISP IP - xxx.xxx.88.17 (static)
My IP - xxx.xxx.88.20 (fxp0 static)
My IP - 192.168.1.2 (rl0 private)
pc IP - 192.168.1.x (private)

Where's the problem?