Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 26 Sep 2008 11:41:41 +0200
From:      Colin Brace <cb@lim.nl>
To:        freebsd-questions@freebsd.org
Subject:   gateway NAT settings lost
Message-ID:  <6fcb5b8a45c5f63a10d863a009ee0700@localhost>
next in thread | raw e-mail | index | archive | help 

Hi all,

I recently ran out of diskspace on the root partition of my FreeBSD 7 box,
which serves as a home server/gateway. As a result, when I went to edit my
rc.conf file with nano earlier this moth, it couldn't save the changes and
the file was written zero-length. Alas, my nightly backup subsequently
archived this, and I've now lost the original. 

I only realized this when I needed to reboot last night. I have now been
trying to rebuild my rc.conf settings from scratch. Most things work again
now, except I still can't access the web from my LAN clients.

1.) I can get a dhcp lease from the server.

2.) DNS works, ie, $ dig cern.ch returns a DNS record

3.) but $ lynx cern.ch doesn't work.

Here is my rc.conf now:

check_quotas="NO"
cron_enable="YES"
hostname="venus"
inetd_enable="NO"
linux_enable="YES"
moused_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
lighttpd_enable="YES"
postfix_enable="YES"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
dovecot_enable="YES"
rpcbind_enable="YES"
nfs_server_enable="YES"
mountd_flags="-r"

# WLAN interface
ifconfig_fxp0="DHCP"

# LAN interface
ifconfig_rl0="inet 192.168.1.1  netmask 255.255.255.0"

# WIFI interface
ifconfig_ath0=""

smartd_enable="YES"
pf_enable="YES"
pflog_enable="YES"
dhcpd_enable="YES"

/usr/local/sbin/dnrd -s 208.67.222.222

postgresql_enable="YES"
obspamd_enable="YES"
obspamdlog_enable="YES"
dovecot_enable="YES"
rsyncd_enable="YES"
rtadvd_enable="YES"

I am using PF for NAT, and have the following rule:

[...]
ext_if = "fxp0"
[...]
nat on $ext_if from !($ext_if) to any -> ($ext_if)
[...]

I must be missing something obvious, but what?

TIA

-- 
  Colin Brace
  Amsterdam
  http://lim.nl

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6fcb5b8a45c5f63a10d863a009ee0700>