From owner-freebsd-questions Mon Jan 11 07:05:00 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA14266 for freebsd-questions-outgoing; Mon, 11 Jan 1999 07:05:00 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from buphy.bu.edu (BUPHY.BU.EDU [128.197.41.42]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA14241 for ; Mon, 11 Jan 1999 07:04:58 -0800 (PST) (envelope-from bgregor@buphy.bu.edu) Received: from localhost (bgregor@localhost) by buphy.bu.edu ((8.8.8.buoit.v1.0)/8.8.8/(BU-W-10/08/98-v1.0)) with ESMTP id KAA19076 for ; Mon, 11 Jan 1999 10:04:24 -0500 (EST) Date: Mon, 11 Jan 1999 10:04:24 -0500 From: Brian Gregor To: freebsd-questions@FreeBSD.ORG Subject: IPfilter & DHCP config Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I will shortly be converting my IP masquerading Linux box that connects my home LAN to my cable modem provider to a FreeBSD box. Why? Well, I've been convinced of fbsd's superior TCP/IP performance, I like its upgrade system, and it gives me something to do other than Jackson's E&M book. I understand how to do the following: configure my two NICs, a 3Com 509 (not 509b - I know this card sucks) and an SMC 8013, install ipfilter and set up some rules for filtering and doing NAT, and install DHCP so that the 3Com card will get its IP address and info from the cable modem. Here are the steps I don't quite get (and would like to have figured out BEFORE I take down a working system!): how to get the file /etc/natrules to use the dynamically assigned "real" IP address, i.e. modify a line like this: map ep0 10.0.0.0/8 -> 24.24.24.24/32 portmap tcp/udp 10000:65000 where 24.24.24.24 is the IP address from DHCP. make sure that the two games I occasionally use online can pass through the firewall, quake and delta force. I use the Linux kernel module for quake, and the ipautofw program for df currently. Would the standard "permissive rules" in the file BASIC_2.FW in the ipfilter installation take care of this? I have read through the documentation on freebsddiary.com (a great resource!) and the mailing list archives, but this is not clear to me. One last thing: I'll be replacing the 3Com card in a little bit with another SMC 8013, which is not buggy. I assume that all I'd have to do is add a line in my kernel config so that they'd look like this: device ed0 at isa? port 0x280 net irq 11 iomem 0xcc000 vector edintr device ed1 at isa? port 0x300 net irq 10 iomem 0xd0000 vector edintr (or some combo of addresses and IRQs that won't conflict with anything) Thank you, Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message