Date: Tue, 18 May 1999 14:40:29 +0800 From: "danny" <danny@pentalpha.com.hk> To: "Ruslan Ermilov" <ru@ucb.crimea.ua> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: natd Message-ID: <002101bea0f9$520f7c40$a800000a@274.penatlpha.com.hk>
next in thread | raw e-mail | index | archive | help
ipfw l
00100 divert 8668 ip from any to any via xl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 deny ip from any to any
ifconfig -a
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 210.176.109.x netmask 0xffffffe0 broadcast 210.176.109.31
ether 00:10:4b:0a:aa:aa
media: 10baseT/UTP <half-duplex>
supported media: autoselect 100baseTX <full-duplex> 100baseTX
<half-dupP
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.0.0.7 netmask 0xff000000 broadcast 10.255.255.255
ether 00:10:4b:65:bb:bb
media: 100baseTX <half-duplex>
supported media: autoselect 100baseTX <full-duplex> 100baseTX
<half-dupP
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
sysctl net.inet.ip
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 1024
net.inet.ip.portrange.last: 5000
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535
net.inet.ip.forwarding: 1
net.inet.ip.redirect: 1
net.inet.ip.ttl: 64
net.inet.ip.rtexpire: 3600
net.inet.ip.rtminexpire: 10
net.inet.ip.rtmaxcache: 128
net.inet.ip.sourceroute: 0
net.inet.ip.intr_queue_maxlen: 50
net.inet.ip.intr_queue_drops: 0
net.inet.ip.accept_sourceroute: 0
net.inet.ip.fastforwarding: 0
net.inet.ip.subnets_are_local: 0
net.inet.ip.fw.debug: 1
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 0
-----Original Message-----
From: Ruslan Ermilov <ru@ucb.crimea.ua>
To: danny <danny@pentalpha.com.hk>
Cc: freebsd-questions@FreeBSD.ORG <freebsd-questions@FreeBSD.ORG>
Date: Monday, May 17, 1999 7:31 PM
Subject: Re: natd
>On Mon, May 17, 1999 at 06:34:24PM +0800, danny wrote:
>> 1) ipfw list:
>> with firewall_type="open" and nothing more (all pass)
>> 2) my kernel with IPFIREWALL and IPDIVERT options.
>> 3) also ``gateway_enable=YES'' in /etc/rc.conf
>>
>> all done
>>
>> Danny
>
>As root, execute the following commands and send me their output.
>You can find script(1) very handy for this sort of things.
>
>1. ipfw l
>2. ifconfig -a
>3. sysctl net.inet.ip
>
>
>--
>Ruslan Ermilov Sysadmin and DBA of the
>ru@ucb.crimea.ua United Commercial Bank
>+380.652.247.647 Simferopol, Ukraine
>
>http://www.FreeBSD.org The Power To Serve
>http://www.oracle.com Enabling The Information Age
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002101bea0f9$520f7c40$a800000a>