Date: Fri, 06 Jul 2001 13:56:17 -0500 From: Eric Long <eric@metrotv.com> To: Joe Clarke <marcus@marcuscom.com> Cc: <questions@FreeBSD.ORG> Subject: Re: Is this a routing problem? Message-ID: <B76B7400.3CE7%eric@metrotv.com> In-Reply-To: <20010706144417.F64705-100000@shumai.marcuscom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry, I inadvertently deleted the first line of ipfw output in my previous message. I do have that line and it is still not working. ipfw output: 00050 divert 8668 ip from any to any via eth0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 65000 allow ip from any to any 65535 deny ip from any to any -Eric > You're ipfw rules aren't diverting anything to natd. You need a rules > like: > > /sbin/ipfw add divert natd all from any to any via eth0 > > In your firewall rules. > > Joe Clarke > > On Fri, 6 Jul 2001, Eric Long wrote: > >> I am at a loss with this setup, any suggestions are welcome: >> >> Details: >> Running Freebsd 4.3-RELEASE, ipfw, natd, dhcpd, and gateway is enabled >> >> I'm running this box with two NIC's and an Emerging Technologies card that >> functions as a router. The Emerging Technologies card (eth0) is the WAN >> interface, one of the NIC's (fxp1) is the LAN interface. Nothing on the LAN >> interface can access the internet (via the WAN interface). >> >> What I know: >> 1.) Traffic gets to the FreeBSD box from the WAN interface. >> 2.) Traffic goes out the WAN interface from the FreeBSD box >> 3.) Traffic goes out the LAN interface from the FreeBSD box (workstations >> are assigned ip's via dhcpd therefore telling me that they are seeing the >> box on the network via the LAN interface), plus I can also ping these boxes >> when they are assigned an IP >> 4.) Traffic does NOT go out the WAN interface from the LAN interface (no >> workstation can reach the net). >> >> Problem: >> Is this a routing issue? Traffic simply isn't being passed from the LAN >> interface to the WAN interface. >> >> My routing tables: >> >> % netstat -r -n >> Routing tables >> >> Internet: >> Destination Gateway Flags Refs Use Netif >> Expire >> default 65.114.176.41 UGSc 6 24630 eth0 >> 65.114.176.41 65.114.176.42 UH 5 2 eth0 >> 127.0.0.1 127.0.0.1 UH 0 4 lo0 >> 192.168.1 link#2 UC 0 0 fxp1 => >> >> eth0 is 65.114.176.42 >> fxp1 is 192.168.1.1 >> >> Pertinent details from /etc/rc.conf: >> gateway_enable="YES" >> firewall_enable="YES" >> firewall_type="open" >> natd_enable="YES" >> natd_interface="eth0" >> natd_flags="-f /etc/natd.conf" >> >> ipfw details: >> % ipfw list >> 00100 allow ip from any to any via lo0 >> 00200 deny ip from any to 127.0.0.0/8 >> 00300 deny ip from 127.0.0.0/8 to any >> 65000 allow ip from any to any >> 65535 deny ip from any to any >> >> -Eric >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >> >> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B76B7400.3CE7%eric>