Date: Fri, 6 Jul 2001 15:20:16 -0400 From: Manolo Valdes <admin@atenas.cult.cu> To: Eric Long <eric@metrotv.com> Cc: freebsd-questions@freebsd.org Subject: Re: Is this a routing problem? Message-ID: <01070615273501.04051@proxy.atenas.cult.cu> In-Reply-To: <B76B6F1D.3CDE%eric@metrotv.com> References: <B76B6F1D.3CDE%eric@metrotv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 06 Jul 2001, you wrote: > I am at a loss with this setup, any suggestions are welcome: > > Details: > Running Freebsd 4.3-RELEASE, ipfw, natd, dhcpd, and gateway is enabled > > I'm running this box with two NIC's and an Emerging Technologies card that > functions as a router. The Emerging Technologies card (eth0) is the WAN > interface, one of the NIC's (fxp1) is the LAN interface. Nothing on the LAN > interface can access the internet (via the WAN interface). > > What I know: > 1.) Traffic gets to the FreeBSD box from the WAN interface. > 2.) Traffic goes out the WAN interface from the FreeBSD box > 3.) Traffic goes out the LAN interface from the FreeBSD box (workstations > are assigned ip's via dhcpd therefore telling me that they are seeing the > box on the network via the LAN interface), plus I can also ping these boxes > when they are assigned an IP > 4.) Traffic does NOT go out the WAN interface from the LAN interface (no > workstation can reach the net). > > Problem: > Is this a routing issue? Traffic simply isn't being passed from the LAN > interface to the WAN interface. > > My routing tables: > > % netstat -r -n > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 65.114.176.41 UGSc 6 24630 eth0 > 65.114.176.41 65.114.176.42 UH 5 2 eth0 > 127.0.0.1 127.0.0.1 UH 0 4 lo0 > 192.168.1 link#2 UC 0 0 fxp1 => > > eth0 is 65.114.176.42 > fxp1 is 192.168.1.1 > > Pertinent details from /etc/rc.conf: > gateway_enable="YES" > firewall_enable="YES" > firewall_type="open" > natd_enable="YES" > natd_interface="eth0" > natd_flags="-f /etc/natd.conf" > > ipfw details: > % ipfw list if natd is enable when you ipfw list you should get 00050 divert "natd port" ip from any to any via "natd_interface" check the /etc/natd.conf and why /etc/rc.firewall are not loading the natd rule check if your kernel was compiled with options IPDIVERT # For Nat > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 00300 deny ip from 127.0.0.0/8 to any > 65000 allow ip from any to any > 65535 deny ip from any to any > > -Eric Manolito To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01070615273501.04051>