Date: Wed, 26 May 1999 00:24:03 -0700 (PDT) From: Shawn Workman <sworkman@nidlink.com> To: Thomas Seidmann <tseidmann@simultan.ch> Cc: freebsd-net@FreeBSD.ORG Subject: Re: Just a question Message-ID: <XFMail.990526002403.sworkman@nidlink.com> In-Reply-To: <374B9FC2.6D1078CD@simultan.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the info.. I am assuming that rule number 300 is the important one(for natd). I will go ahead and make the necessary mods and have some fun.. Thanks again.. On 26-May-99 Thomas Seidmann wrote: > Shawn Workman wrote: >> >From the FreeBSD host. >> >> > Basically, you should run 'natd -interface fxp1', since fxp1 is the >> > public interface. Od course fxp1 has got to have a valid IP address. You >> > should provide more details in order to get help. I can assure you NAT >> > works perfectly in both -stable and -current. >> >> I was running NAT on fxp1 and it had a valid address. As soon as I ran >> natd -interface fxp1 >> I could no longer access the Internet.. > > OK, in this case the ipfw rules must be missing. Be sure they look like > this (obtained with 'ipfw l'): > > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 00300 divert 8668 ip from any to any via fxp1 > 65000 allow ip from any to any > 65535 deny ip from any to any > > The numbers can be different, and rule 65000 can be replaced by more > specific firewall rules. > >> another question, Does natd start at boot? > > Yes, if you specify in rc.conf the following: > > natd_enable="YES" > natd_interface="fxp1" > > Regards, > Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990526002403.sworkman>