From owner-freebsd-questions Thu Jan 20 5:31:31 2000
From: "Troy Settle"
To: "lam"
Subject: RE: Natd and dhcp,
Date: Thu, 20 Jan 2000 08:28:34 -0500
Sender: owner-freebsd-questions@FreeBSD.ORG

The firewall rules are taken care of automagically by rc.firewall.  It's
already got a check in there for natd, and will add the appropriate rule.

For kicks, here's what I've got on one box I'm doing this on. I've got ed1
to the internet, and ed2 on my internal network:

# cat /etc/rc.conf | grep "applicable stuff"
firewall_enable="YES"
firewall_type="open"
network_interfaces="ed1 ed2 lo0"
ifconfig_ed1="inet 209.100.20.126 netmask 255.255.255.224"
ifconfig_ed2="inet 10.10.100.1 netmask 255.255.255.0"
natd_enable="YES"
natd_interface="ed1"
natd_flags="-s

# ipfw list
00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any

# cat /etc/dhcpd.conf
server-identifier 10.10.100.1;

subnet 10.10.100.0 netmask 255.255.255.0 {
        range 10.10.100.2 10.10.100.240;
        option domain-name-servers 209.100.20.2, 209.100.20.3;
        option routers 10.10.100.1;
        option subnet-mask 255.255.255.0;
        option broadcast-address 10.10.100.255;
        default-lease-time 2592000;
        max-lease-time 2592000;
}

subnet 209.100.20.96 netmask 255.255.255.224 {
}

Hope this helps...

-Troy

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of lam
> Sent: Wednesday, January 19, 2000 23:07
> To: questions@freebsd.org
> Subject: Natd and dhcp,
>
> Hi,
>       I am trying to set up natd with dhcp.  One nic is using dhcp
> client, the other nic has a static ip (internal network).  My problem is
> trying to use natd to route everything from the 2nd one to the first one.
> Natd manpage mentioned about the three rules in rc.firewall; where
> should I put them?
> I set in rc.conf:
>       firewall_enable="YES"
>       firewall_type="simple"
> and then I am stuck on the rc.firewall.  A simple rc.firewall example is
> more than appreciated.
>
> Thanks.
>
> ---Lam Nguyen
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
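Added example, not part of the original message and not FreeBSD's own rc.firewall: a small sh/awk check that reads `ipfw list` output such as the listing above and reports whether the natd divert rule on the outside interface is present, whether an earlier any-to-any rule would match first, and whether an unrestricted allow follows it. The function names and finding labels are made up for this example; the sample ruleset is the one quoted in the message.

```shell
#!/bin/sh
# Usage on a gateway: ipfw list | audit_ipfw ed1
# Prints one finding per line; exit status is 0 only when nothing is reported.
audit_ipfw() {
    awk -v ifc="$1" '
    {
        num = $1; action = $2; via = ""
        for (i = 3; i < NF; i++) if ($i == "via") via = $(i + 1)
        anyany = ($0 ~ / (ip|all) from any to any/)
        term = (action == "allow" || action == "deny")
    }
    # The rule that hands packets on the outside interface to natd.
    action == "divert" && via == ifc { seen = 1; next }
    # ipfw stops at the first matching allow/deny, so an any-to-any rule
    # listed before the divert keeps those packets away from natd.
    !seen && term && anyany && (via == "" || via == ifc) {
        print "PRE_DIVERT " num; bad = 1
    }
    # After the divert, an allow with no interface limit filters nothing.
    seen && action == "allow" && anyany && via == "" {
        print "OPEN_CATCHALL " num; bad = 1
    }
    END {
        if (!seen) { print "NO_DIVERT " ifc; bad = 1 }
        exit (bad ? 1 : 0)
    }'
}

# The ruleset quoted in the message (firewall_type="open", natd on ed1).
page_ruleset() {
    cat <<'EOF'
00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any
EOF
}

page_ruleset | audit_ipfw ed1 || true
```

On the quoted ruleset the divert rule is found first, and the only finding is the final catch-all allow that comes with the "open" firewall type.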