Date: Tue, 12 Dec 2000 17:23:02 -0800 From: Darcy Buskermolen <darcy@ok-connect.com> To: <freebsd-ipfw@FreeBSD.ORG> Subject: Re: sigh, today is just not my day. Message-ID: <3.0.32.20001212172301.0285bc20@mail.ok-connect.com>
next in thread | raw e-mail | index | archive | help
you can't route private IP space through the internet like that.. What you need is to use natd to do either 1-1 IP translation ot 1 to many IP translation.. make sure that you have the IPDIVERT option compled into your kernel and put the following into your /etc/rc.conf natd_enable="YES" natd_interface="xl0" At 04:28 PM 12/12/00 -0700, you wrote: >Right, first off thank you to all who helped me out with the >kern.securelevel issue. Okay here we go, the major reason for me to be >doing this is that my boss wants a firewall ASAP. She purchased Checkpoint >for $2000-2500, and it needed a subscription ~$400/year. I talked to her >about using a Unix based firewall solution and the cost would be only in >work hours (unlike checkpoint which would add $$$). She liked the idea. >Our ISP uses FreeBSD, so I thought what the hell why not. I am coming from >a Linux/SunOS background, but more of a CS student than as a admin. This >email list and its members have been great to me. Okay so the conundrum. I >want to test the FreeBSD (4.1.1) machine. It has two nicks ifconfig comes >up great (please see attachment info.txt). I have a set of firewall rules >in ipfw that seem to do the trick (please see attachment rc_firewall.txt). >So here goes >*** note that xl1 has no carrier since I unplugged the cross over cable *** > >My machine(win98) freebsd machine >ip 192.168.1.250 192.168.1.225 (inside interface) >netmask 255.255.255.224 255.255.255.224 >its gateway 192.168.1.225 (the firewall machine) >is dns servers are the same >as the freebsd machines (ie our isp dns servers) > >right. So the freebsd machine can see the out side world. When I have my >machine behind the firewall I cant see Jack (if at all). What I am doing >wrong? Any help will be appreciated. I have been poring over the freebsd >website, freebsddiary.org, and other sites. >you guys/gals rock > >-Carlos Andrade >---- >Carlos A. Andrade >IS Manager >RJS Technologies >915.845.5228 ext 13 915.845.2119 fax >carlos@rjstech.com > >Attachment Converted: "C:\Program Files\Eudora32\attach\rc_firewall.txt" > >Attachment Converted: "C:\Program Files\Eudora32\attach\info.txt" > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.20001212172301.0285bc20>