From owner-freebsd-questions Fri Jan 17 5:53: 3 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DBEB237B401 for ; Fri, 17 Jan 2003 05:53:00 -0800 (PST) Received: from mailgate1.sover.net (mailgate1.sover.net [209.198.87.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2731A43ED8 for ; Fri, 17 Jan 2003 05:53:00 -0800 (PST) (envelope-from reytech@sover.net) Received: from granite.sover.net (granite.sover.net [209.198.87.33]) by mailgate1.sover.net (8.11.6/8.11.6) with ESMTP id h0HDqvI29830; Fri, 17 Jan 2003 08:52:57 -0500 (EST) Date: Fri, 17 Jan 2003 08:52:56 -0500 (EST) From: "Stephen D. Kingrea" To: Bill Moran Cc: freebsd-questions@FreeBSD.ORG Subject: Re: different ipfw/natd prob In-Reply-To: <3E2801FC.1000506@potentialtech.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG following is rc.conf, /etc/natd.conf, ifconfig, ipfw show rc.conf inetd_enable="YES" kern_securelevel_enable="NO" linux_enable="YES" tcp_extensions="YES" named_enable="YES" sendmail_enable="NO" portmap_enable="YES" router_enable="yes" router="/sbin/routed" router_flags="-q" defaultrouter="68.abc.de.1" hostname="www.kingrea.com" network_interfaces="lo0 fxp0 dc0" ifconfig_lo0="inet 127.0.0.1" ifconfig_dc0="inet 68.abc.de.14 netmask 255.255.255.0 media 10baseT/UTP" ifconfig_fxp0="inet 192.168.2.1 netmask 255.255.255.0" firewall_enable="YES" firewall_type="OPEN" gateway_enable="YES" natd_enable="YES" natd_interface="dc0" natd_flags="-f /etc/natd.conf" natd.conf interface dc0 use_sockets yes same_ports yes ifconfig dc0: flags=8843 mtu 1500 inet 68.abc.de.14 netmask 0xffffff00 broadcast 68.abc.de.255 inet6 fe80::204:5aff:fe5a:9987%dc0 prefixlen 64 scopeid 0x1 ether 00:04:5a:5a:99:87 media: Ethernet 10baseT/UTP status: active fxp0: flags=8843 mtu 1500 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 inet6 fe80::2a0:c9ff:fe5c:3738%fxp0 prefixlen 64 scopeid 0x2 ether 00:a0:c9:5c:37:38 media: Ethernet autoselect (100baseTX) status: active lp0: flags=8810 mtu 1500 faith0: flags=8002 mtu 1500 lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff000000 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 ipfw show 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 4208 345040 all ip from any to any 65535 0 0 deny ip from any to any thanks for assistance! stephen d. kingrea On Fri, 17 Jan 2003, Bill Moran wrote: >Stephen D. Kingrea wrote: >> i have a slightly different ipfw/natd problem. >> >> machines on the lan can ping internal nic on the server (fbsd 4.7), and >> the external nic, but can not ping or reach anything outside. unless i >> telnet into the server, then telnet out. currently running ipfw >> "open" until problem is solved. server can ping all machines on lan. > >On a wild guess, it sounds like your divert rule is wrong. >Need more information to help with this. > >Please repost to the list and include the following: >The output of 'ipfw show' >The output of 'ifconfig' >The contents of your rc.conf file > >-- >Bill Moran >Potential Technologies >http://www.potentialtech.com > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message