Date: Fri, 24 Oct 2003 02:35:32 -0700 (PDT) From: Alhagie Puye <alhagiep@yahoo.com> To: Michelle <tristan11@mindspring.com>, freebsd-questions@freebsd.org Subject: Re: nat and ipfw Message-ID: <20031024093532.82462.qmail@web20501.mail.yahoo.com> In-Reply-To: <A65A044A-05C9-11D8-B73B-000393843210@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Do you have a natd.conf file? What does your rc.conf file look like? You have to turn on nat for the packets to be translated. Telling the firewall to send the packets to natd is one thing, what the happens to them after that is another. You ARE missing the setup for natd. Check this out: http://www.freebsddiary.org/ipfw.php Please read this link. I sent you something similar in my previous reply. And you are still asking the same question. It is very self-explanatory. Cheers, Alhagie. --- Michelle <tristan11@mindspring.com> wrote: > i have a freebsd server running 4.6.2 with 2 nic > cards installed one > for our lan (fxp0) that provides connection to the > outside world via > dsl and the other for an internal subnet (xl0). i > have both natd and > ipfw configured and running. when on the subnet, i > can not connect to > the outside. i tried flushing the firewall rules > and adding only: > > ipfw add 100 divert natd all from any to any via > fxp0 > ipfw add 200 allow all from any to any > > i am then able to connect from a client on the > subnet to an outside ip > address. > > then i tried flushing the rules again and adding: > > ipfw add 100 divert natd all from any to any via > fxp0 > ipfw add 200 allow all from 192.168.53.200 to any > ipfw add 300 allow all from any to 192.168.53.200 > > i don't understand why the above rules would stop > the client on the > subnet from making a connection to the outside. is > there another rule > i need to add? > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031024093532.82462.qmail>