Date: Sat, 15 Jan 2000 23:47:53 -0500 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: "Briggs, Jeremy M" <BriggsJM@corp.earthlink.net> Cc: "'questions@freebsd.org'" <questions@FreeBSD.ORG> Subject: Re: NATD Message-ID: <20000115234753.B57728@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <97FCD12BF275D311960900508B6F3B64010D2F1D@sac-folsom.mis.earthlink.net>; from BriggsJM@corp.earthlink.net on Sat, Jan 15, 2000 at 07:26:32PM -0800 References: <97FCD12BF275D311960900508B6F3B64010D2F1D@sac-folsom.mis.earthlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jan 15, 2000 at 07:26:32PM -0800, Briggs, Jeremy M wrote: > Dear sir or madam, > > I am attempting to use FreeBSD as an internet gateway; natd is the > routing deamon I am attempting to use. NATd is not a routing daemon. But anyway... [snip] > The FreeBSD machine, is able to ping all machines on the LAN, and is > able to access the internet just fine; inversely, all machines on the lan > are able to ping the FreeBSD machine. IP's on the lan are 192.168.x . NATD > is enabled and loads with BSD, OK, so it sounds like the internal network is OK, and the NATd machine's public interface is OK. Sounds like the problem must be NATd. > When attempting to ping out the to internet, using the BSD machine > as a gateway, from another machine on the network, packets are transmitted > to the internet each time a ping is sent however no packets are ever > recieved from the internet. All pings time out except if they are initiated > from the FreeBSD box. What do you suggest? What should I check? First, what are the arguments being sent to natd(8)? I assume you are doing it from /etc/rc.conf? So what are, natd_program="/sbin/natd" # path to natd, if you want a different one. natd_enable="NO" # Enable natd (if firewall_enable == YES). natd_interface="fxp0" # Public interface or IPaddress to use. natd_flags="" # Additional flags for natd. Set to, if anything? > On a side note, I think the packets are being aliased incorrectly, however I > am not sure how to check this or how to correct this if this is the problem. You can snoop the external interface and watch to see if the ping packets are making it out and if they come back, # tcpdump -i <external_interface> 'proto \icmp' While an internal machine pings something on the Internet. Since you must have ipfw(8) rules on the NATd machine, do you have any rules there that might be blocking pings? -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000115234753.B57728>