From owner-freebsd-questions  Fri Aug  8 06:28:48 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id GAA13921
          for questions-outgoing; Fri, 8 Aug 1997 06:28:48 -0700 (PDT)
Received: from gatekeeper.barcode.co.il (gatekeeper.barcode.co.il [192.116.93.17])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA13899
          for <freebsd-questions@FreeBSD.ORG>; Fri, 8 Aug 1997 06:28:35 -0700 (PDT)
Received: (from nadav@localhost) by gatekeeper.barcode.co.il (8.8.5/8.6.12) id QAA01143; Fri, 8 Aug 1997 16:28:17 +0300 (IDT)
Date: Fri, 8 Aug 1997 16:28:17 +0300 (IDT)
From: Nadav Eiron <nadav@barcode.co.il>
To: Simon N Atkin <simat@enta.net>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: IP Firewall.
In-Reply-To: <33EB1B4F.2417@enta.net>
Message-ID: <Pine.BSF.3.91.970808162631.1124A-100000@gatekeeper.barcode.co.il>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk



On Fri, 8 Aug 1997, Simon N Atkin wrote:

> Anyone got any ideas on how to pass data from interface to
> interface with IPFW, do you have to add routing between interfaces
> or does IPFW take care of this,
> 
> the internal interface will be on ip 192.168.1.1 (private network)
> so far I have IPFW configured as "simple", this firewall machine 
> needs to be able to route data for an extire class C to an internet
> backbone.

If your setup includes an internal network with "unregistered" IP 
addresses (in the 192.168 range), then IPFW alone will not work. You'll 
have to either use only proxies for your internet applications, or use 
natd with the IPFW divert feature. Look in the mail archives for pointers 
to various info. sources on configuring such a setup.

> 
> Cheers
> 
> 
> Simon Atkin (simat@enta.net) :)
> 
Nadav