From: "Erik"
Subject: Re: routing with natd
Date: Mon, 23 Oct 2000 10:26:27 -0500
Message-ID: <000c01c03d05$9d4eeca0$0200000a@garnax.com>
References: <000701c03cab$4a7c2ce0$0200000a@garnax.com> <20001023001256.G75251@149.211.6.64.reflexcom.com>

> > cable (dhcp) ---(vr0)-> BSD machine --(ed0)--> hub = = = > pc1 & pc2
> > I have installed: FreeBSD 4.1-RELEASE
> > I think this is the useful stuff from the rc.conf file:
> >
> > ifconfig_vr0="DHCP"
> > gateway_enable="YES"
> > network_interfaces="lo0 ed0 vr0" # List of network interfaces
> > ipconfig_lo0="inet 127.0.0.1" # default loopback device
> > ifconfig_ed0="inet 10.0.0.1 netmask 255.255.255.0"
> > firewall_enable="YES"
> > firewall_type="OPEN"
> > firewall_script="/etc/firewall/fwrules" # created by me
>
> What rules are you using? Actually, the output of 'ipfw show' would be
> preferred.

ipfw show
00100  421  49506 divert 8668 ip from any to any via vr0
00200 2827 287913 allow ip from any to any
65535    1    340 deny ip from any to any

/etc/firewall/fwrules
fwcmd="/sbin/ipfw"
$fwcmd -f flush
$fwcmd add divert natd all from any to any via vr0
$fwcmd add pass all from any to any

> > natd_program="/sbin/natd"
> > natd_enable="YES"
> > natd_interface="vr0"
> >
> > PC1 and PC2
> > win98 SE installed on both
> > ips: 10.0.0.2 and 10.0.0.3 and subnet mask is 255.255.255.0
> > dns configuration: host: pc1 and pc2 domain: whatever.com
> > dns search order: x.x.x.x dns server for cable
> >
> > c:\windows\hosts.sam
> > 127.0.0.1 localhost
> > 10.0.0.1 BSD BSD.whatever.com
> > 10.0.0.2 PC1 PC1.whatever.com
> > 10.0.0.3 PC2 PC2.whatever.com
> >
> > I recompiled my kernel with IPDIVERT and IPFIREWALL as options.
> > I am able to access the internet from the BSD machine.
> > I can ping pc1(10.0.0.2) and pc2(10.0.0.3) either by ip or alias from the
> > BSD machine. (edited hosts)
> > I can telnet in to the BSD machine from pc1 or pc2 by using 10.0.0.1 (but
> > not aliases)
>
> A Windows problem. *shock*
>
> > What I want to do is have the BSD machine act as a firewall/router so that
> > my little network has access to the internet while still being protected.
> > I would also like to be able to telnet into it (lack of monitors).
> >
> > Is there anything else I have to do to these windows machines?
>
> No, assuming that they were properly set up by whoever installed the
> OSes, the only thing you probably need to do is put in the network
> information that you mentioned above.

This is just a home networking system, I have set up everything. I just
wanted to make sure I had them set up correctly as well.

> > Is my rc.conf correct? and Should I change anything in the rc.conf file?
> > firewall_type="simple"?
>
> This will be whatever you make of it since you are not using the
> default /etc/rc.firewall where the 'firewall_type' variable is used.
>
> > What should I have in the fwrules file?
>
> Whatever firewall rules you need to set up. However, to get things
> started, I would suggest using the 'OPEN' firewall rules in
> /etc/rc.firewall and then set up your own rule file once you get that
> going.
>
> Finally, are you actually having any problems? From what you said, you
> can reach all of the other machines from the FreeBSD box and the Win
> boxes can reach the FreeBSD machine, but you never said if there were
> any successes or failures with anything else.
> --
> Crist J. Clark cjclark@alum.mit.edu

The problem I am having is that the network computers (pc1 and 2) are
unable to connect to the internet. I am trying to iron out where the
problem might be. I am able to go back and forth with the generic ip
addresses but (from the pcs) if I try to access anything on the net, it
fails. Any idea what might be the problem?

If you need any more information let me know.

Erik
erik@ezl.com
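
Added example (not part of the original message or thread): a small Python check over an `ipfw show` listing like the one posted above. It confirms that the divert rule for the natd interface is evaluated before any catch-all allow, and flags a ruleset that accepts everything, which matters given the stated goal of keeping the LAN protected. The function names and finding codes are hypothetical, and the sample listing is constructed from the output quoted in the message.

```python
import re

# Constructed sample: the `ipfw show` listing quoted in the message above.
SAMPLE = """\
00100  421  49506 divert 8668 ip from any to any via vr0
00200 2827 287913 allow ip from any to any
65535    1    340 deny ip from any to any
"""

# rule number, packet count, byte count, action, rest of the rule
RULE = re.compile(r"^(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(.+)$")

def parse_rules(text):
    """Parse `ipfw show` output into dicts, in evaluation (rule number) order."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:  # anything that is not a counted rule line is skipped
            num, pkts, _bytes, action, body = m.groups()
            rules.append({"num": int(num), "packets": int(pkts),
                          "action": action, "body": body})
    return sorted(rules, key=lambda r: r["num"])

def audit(text, nat_if):
    """Return finding codes for a natd gateway whose outside interface is nat_if."""
    rules = parse_rules(text)
    divert = next((r for r in rules if r["action"] == "divert"
                   and r["body"].endswith("via " + nat_if)), None)
    allow_all = next((r for r in rules if r["action"] == "allow"
                      and r["body"] == "ip from any to any"), None)
    findings = []
    if divert is None:
        findings.append("no-divert-rule")      # nothing hands packets to natd
    else:
        if allow_all and allow_all["num"] < divert["num"]:
            # ipfw stops at the first matching rule, so natd never sees traffic
            findings.append("allow-before-divert")
        if divert["packets"] == 0:
            findings.append("divert-never-hit")
    if allow_all:
        findings.append("open-ruleset")        # no filtering: all traffic accepted
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE, "vr0"))
```

A non-zero counter on the divert rule only shows that packets on that interface reached the rule; it does not by itself show that traffic from the LAN hosts is being translated.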