Date: Wed, 20 Nov 2002 05:18:52 +0100 From: Marc Perisa <perisa@porsche.de> To: 'Constantine' <cnst@rbcmail.ru> Cc: Derrick Ryalls <ryallsd@datasphereweb.com>, freebsd-questions@FreeBSD.org Subject: Re: FreeBSD gateway Message-ID: <3DDB0D2C.6010601@porsche.de> References: <004201c29047$2e762e50$0200a8c0@bartxp>
next in thread | previous in thread | raw e-mail | index | archive | help
Derrick Ryalls wrote: >>Hello! >>I have installed FreeBSD 4.7 recently, and it seems it does >>not want to >>work as a gateway. I have two network cards in my FreeBSD >>computer, fxp0 >>for LAN and sis0 for the cable modem. I am new to FreeBSD, so I am >>confused what the difference between gateways and routers is (I was >>thinking they link to the same thing). I can ping my FreeBSD box from >>winxp, I can ping internet from remote session to FreeBSD, >>but I cannot >>ping internet from my winxp. >>My winxp has ip 192.168.0.1, netmask 255.255.255.0, and gateway >>192.168.0.18 settings. Now FreeBSD /etc/rc.conf follows: >> >>gateway_enable="YES" >>kern_securelevel_enable="NO" >>nfs_reserved_port_only="YES" >>ifconfig_sis0="DHCP" >>ifconfig_fxp0="inet 192.168.0.18 netmask 255.255.255.0" >>#router_enable="YES" # from handbook gateway_enable="YES" >>firewall_enable="YES" >>firewall_type="OPEN" >>natd_enable="YES" >>natd_interface="sis0" >>natd_flags="" #/ handbook > > > Are your ip's reversed? I think the gateway should have the .1 address > and the xp box should use the .18 Nope. He set his FreeBSD box to the IP 192.168.0.18 and his Windows XP box to 192.168.0.1 . All is ok with that. It is only uncommon to do. Normally you would give the defaultgateway for a network x.y.z.1 or x.y.z.254 . But it is not forbidden to set it to any IP in that subnet. > > Are you using the default kernel? If so, you will need to add a couple > lines are recompile. > > options IPFIREWALL #firewall > options IPDIVERT #divert sockets > > as for the difference between a router and a gateway, a gateway is a > machine to deal with going from one network (lan) to another network > (wan), I think. > From your point of view (as needed for this problem) routers and gateways are the same. In this case the FreeBSD box is acting as a router for your internal net to the Internet. A simple router would do the same. But for more complex routing you have to either setup gated (or similar software) or add all rules (if they are static) by hand. A gateway is the simplest form of a router. >>The last two lines from dmesg: >>IP packet filtering initialized, divert disabled, rule-based >>forwarding >>enabled, default to deny, logging disabled >>ip_fw_ctl: invalid command That hints to a problem with the /etc/rc.firewall script (which is called when you add to /etc/rc.conf firewall_enable="YES"). Please provide us with the output of "ipfw list". (You have to do that as root of course). I think your firewall ruleset is not tuned for a gateway situation. Hope that helps Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DDB0D2C.6010601>