Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 Jul 1998 00:28:36 +0200 (CEST)
From:      Eilko Bos <Eilko.Bos@nl.origin-it.com>
To:        kuku@gilberto.physik.RWTH-Aachen.DE (Christoph Kukulies)
Cc:        freebsd-isdn@FreeBSD.ORG
Subject:   Re: natd/firewall issues
Message-ID:  <199807152228.AAA01742@linda.mpn.cp.philips.com>
In-Reply-To: <199807151433.QAA25483@gilberto.physik.RWTH-Aachen.DE> from Christoph Kukulies at "Jul 15, 98 04:33:12 pm"
next in thread | previous in thread | raw e-mail | index | archive | help 
> 
> After re-establishing the setup I had running under 2.2.5/bisdnd,
> especially the firewall/natd settings I found that I cannot route
> through ipr0 when the same natd/firewall rules are applied I had
> under 2.2.5/bisdnd.
> 
> Are there any caveats to know about when using i4b with natd?
> 
> /etc/rc.firewall
> /sbin/ipfw -f flush
> #/sbin/ipfw add divert natd all from any to any via ipr0
> /sbin/ipfw add pass all from any to any
> 
> If I uncomment the ipr0 line, I cannot route out packets
> in conjunction with:
> 
> /etc/rc.local:
> 
<snip>

I run freebsd 2.2.5 / i4b-00.60-alpha-070598 (eeeeehrm...)

read the natd manual well.
I've thrown away the rc.firewall and do the next:

---- ./dialin.sh ----
#! /bin/sh 
xterm -T Isdn -n Isdnd -e /usr/local/bin/isdnd -F -d0x71 &
ifconfig isppp0 inet 0.0.0.0 123.134.71.100 netmask 0xffffff00
ifconfig isppp0 down
route add default 123.134.71.100
spppcontrol isppp0 myauthproto=pap myauthname=authname myauthsecret=123445
ifconfig isppp0 up
natd -n isppp0
# /sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via isppp0
/sbin/ipfw add pass all from any to any

And that works fine. Don't do the flush since that one seems to kill isppp0

As said, you need to read the manpage of natd, because you need to do some
settings in rc.conf as well. If things start to complain about a missing
rc.firewall, just touch it, that will work.

Good luck.

Cheers,
Eilko.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isdn" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807152228.AAA01742>