Date: Tue, 24 Nov 1998 09:03:44 -0800 (PST)
From: Dan Busarow
To: Paul Dekkers
cc: FreeBSD Mailinglist
Subject: Re: natd: what's wrong?

On Tue, 24 Nov 1998, Paul Dekkers wrote:

> | Do you have IP forwarding enabled in rc.conf? What firewall type
> | do you have in rc.conf?
>
> Yes, however forward_sourceroute=NO, is that wrong?

No, that's what you want.

> I have no firewall in rc.conf
> I have a default policy to enable all traffic, and in rc.local I have my
> divert rule...

My reading of the man pages suggests that running a firewall is not
optional. You need to run ipfw. You can set the type to open which
enforces your enable all policy.

Set firewall_enable to YES and firewall_type to OPEN in rc.conf
and move the divert rule from rc.local to rc.firewall (as the first
line of the OPEN section).

Dan
--
Dan Busarow 949 443 4172
Dana Point Communications, Inc. dan@dpcsys.com
Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82
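
A pre-flight check for the rc.conf settings named in the reply above, as an added example that is not part of the original message or of FreeBSD itself. The function names and the sample file are constructed, and `gateway_enable` is assumed to be the rc.conf variable behind "IP forwarding".

```shell
#!/bin/sh
# Added example (not from the original message): lint an rc.conf-style file
# for the settings discussed in the reply.

# rc_value FILE VAR: print the last uncommented assignment of VAR with quotes
# stripped. rc.conf is sourced by sh, so the last assignment wins.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# is_value FILE VAR WANT: true when VAR is set to WANT (case-insensitive).
is_value() {
    got=$(rc_value "$1" "$2" | tr '[:lower:]' '[:upper:]')
    [ "$got" = "$3" ]
}

# check_natd_rc FILE: print one line per finding; return the finding count.
check_natd_rc() {
    findings=0
    # Assumption: gateway_enable is the rc.conf knob for IP forwarding.
    is_value "$1" gateway_enable YES || {
        echo "gateway_enable is not YES: IP forwarding is off"
        findings=$((findings + 1)); }
    is_value "$1" firewall_enable YES || {
        echo "firewall_enable is not YES: rc.firewall is not run at boot"
        findings=$((findings + 1)); }
    is_value "$1" firewall_type OPEN || {
        echo "firewall_type is not OPEN: the OPEN section of rc.firewall is not used"
        findings=$((findings + 1)); }
    if is_value "$1" forward_sourceroute YES; then
        echo "forward_sourceroute is YES: the reply says NO is what you want"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample mirroring the setup described in the thread:
# forwarding on, source routing off, no firewall configured in rc.conf.
sample=$(mktemp)
cat > "$sample" <<'EOF'
gateway_enable="YES"
forward_sourceroute="NO"
#firewall_enable="YES"
firewall_enable="NO"
EOF
check_natd_rc "$sample" || echo "findings: $?"
rm -f "$sample"
```

The check covers rc.conf only; whether the divert rule is actually the first rule loaded still has to be confirmed against the running ipfw rule list.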