Date: 03 Jul 1999 03:13:23 -0400
From: Arcady Genkin <a.genkin@utoronto.ca>
To: freebsd-questions@freebsd.org
Subject: natd and ipfw
Message-ID: <87u2rmryss.fsf@main.wgaf.net>

Hi all:

I've attempted to configure ipfirewalling/masquerading on a FreeBSD
3.2-Release. Here's what I did:

    options IPFIREWALL
    options IPFIREWALL_VERBOSE
    options IPDIVERT

then I added in /etc/rc.conf:

    gateway_enable="YES"

    ipfw add allow all from any to any  #I'll play with this later

then I rebooted and ran "natd -interface ed0"

I have 2 computers in my network -- the firewall named "door"
192.168.1.1 and a workstation named "main" 192.168.1.2.

"door" is connected to internet via ed1 (ADSL connection with
dhclient), and is able to ping, telnet, ftp, etc. both into the
internet and into "main". It connects to main via ed0.

"main" is able to connect to "door" in any possible method
(i.e. internal tcp/ip link works OK). It runs Linux 2.2.10, and I'm
telling it to use "door" as its router:

    ifconfig eth0 192.168.1.2 netmask 255.255.255.0 up
    route add -net 192.168.1.0 netmask 255.255.255.0 eth0
    route add default gw 192.168.1.1 eth0

However, "main" is unable to ping anything in the internet. I get the
feeling that it routes packets out correctly, because if I ping
something, then the nic on "door" flashes LEDs.

Can somebody think of something that I'm doing wrong?

Thanks a lot in advance!

Here's output of netstat -r and netstat -i on "door":

Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            HSE-TOR-ppp22711.s UGSc        1       17      ed1
localhost          localhost          UH          1        0      lo0
192.168.1          link#1             UC          0        0      ed0
main               0:80:c8:f2:c6:14   UHLW        0        5      ed0   1191
209.226.71         link#2             UC          0        0      ed1
HSE-TOR-ppp22711.s 0:90:6f:fc:f8:20   UHLW        2        0      ed1    736
HSE-TOR-ppp22919.s localhost          UGHS        0        0      lo0

Name  Mtu   Network     Address            Ipkts Ierrs Opkts Oerrs  Coll
ed0   1500  <Link>      00.80.c8.ec.0f.39     47     0    13     0     0
ed0   1500  192.168.1   door                  47     0    13     0     0
ed1   1500  <Link>      52.54.4c.17.c9.5c     17     0    52     0     0
ed1   1500  209.226.71  HSE-TOR-ppp2291       17     0    52     0     0
lo0   16384 <Link>                             0     0     0     0     0
lo0   16384 127         localhost              0     0     0     0     0

=========

Here's output of the same commands on "main":

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
localnet        *               255.255.255.0   U         0 0          0 eth0
localnet        *               255.255.255.0   U         0 0          0 eth0
default         door.wgaf.net   0.0.0.0         UG        0 0          0 eth0

Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR   TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0   1500   0    4562      0      0      0   12075      3      0      0 BRU
lo     3924   0      11      0      0      0      11      0      0      0 LRU

--
Arcady Genkin
"... without money one gets nothing in this world, not even a certificate
of eternal blessedness in the other world..." (S. Kierkegaard)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message