Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Feb 2000 14:22:01 -0800
From:      "John Purser" <johnmpurser@home.com>
To:        <cjclark@home.com>
Cc:        <questions@FreeBSD.ORG>
Subject:   RE: Setting up a Gateway to @home - Newbie VERY confused
Message-ID:  <000001bf7bf0$e9a16820$40390918@vncvr1.wa.home.com>
In-Reply-To: <20000220162251.C36373@cc942873-a.ewndsr1.nj.home.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Christ,

Thanks for the help.  I followed your instruction and here is what has
happened so far:

I had to change the ipfw line to:
ipfw add 100 divert NATD all FROM any to any via fxp1  (CAPS being upper
case versions of my  additions)

I edited the rc.conf but the ipfw rules still don't come up on reboot.
Should the firewall_type option = OPEN instead of open?

When I enter "ping yahoo.com" nothing happens, not even the command prompt
until I hit control C.

You were right about sysinstall.  It had created 5 versions of my network
cards in rc.conf which tells you how long I've been poking at this.

Any other ideas?  I don't know where to go from here.

Thanks,

John Purser

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Crist J. Clark
Sent: Sunday, February 20, 2000 1:23 PM
To: John Purser
Cc: questions@FreeBSD.ORG
Subject: Re: Setting up a Gateway to @home - Newbie VERY confused


On Sun, Feb 20, 2000 at 09:57:56AM -0800, John Purser wrote:
> Hello,
>
> I have a computer running FreeBSD 3.4 (custom kernel) with two network
cards
> (fxp0, fxp1).  fxp0 is on my local network (FreeBSD, NTWks, Win98) and I
> want to use fxp1 to connect to my AT&T@home cable modem.  I have a static
IP
> address from @home, both NIC's are recognized by FreeBSD but I'm still
> having trouble.  I've read man pages, huge chunks for the manual, man
pages
> galore, and several tutorials that start out with "All you have to do..."
> and nothing is working.
>
> Using /stand/sysinstall I've configured fxp1 with the info from @home
(Host
> name, Domain, DNS Server, Gateway, IP address, subnet mask).  Now I'm
trying
> to configure fxp0 for my network but changing the host name changes it for
> both cards.  I thought the whole point of having two cards was that each
> card had it's own complete set of info.  Apparently I'm way off base there
> but that leaves me not knowing how to proceed.

Don't use /stand/sysinstall to try to do both NICs. It is beyond the
scope of what sysinstall was created for.

>From what I've read there seem to be five things that need to be configured
> for my FreeBSD box to work as a gateway:
> fxp0 (Private network)
> 	HOST:
> 	DOMAIN:
> 	DNS Server:
> 	GATEWAY:
> 	IP ADDR: 192.168.0.NNN
> 	SUBNET MASK: 255.255.255.0
> fxp1 (@home)
> 	HOST: CWHATEVER
> 	DOMAIN: HOME.COM
> 	DNS Server: 24.YYY.YYY.YYY
> 	GATEWAY: 24.XXX.XXX.XXX
> 	IP ADDR: 24.ZZZ.ZZZ.ZZZ
> 	SUBNET MASK: 255.255.255.0

hostname(1), domain name, DNS server, and gateway are not things
associated with a NIC. Only an address, subnet mask, and broadcast
address are associated with the NIC. See tha output of 'ifconfig -a.'

> ipfw:
>
> natd:
>
> bind:
>
> I've filled in what I'm fairly confident about.  I know this is a lot to
ask
> for on the mailing list but this is my third day trying get there on my
own
> and I don't have a whole lot to show for it.  I've got a ton of books in
the
> mail (Thank you Amazon and O'Reilly) but I want to at least connect my
> FreeBSD box to the internet before reading all of them!

"All you have to do" to have this one machine connected to the
Internet is have the outer NIC (fxp1) configured properly. I'll assume
you have done that in sysinstall. Now, if you have machines behind
this box you want to access the Internet on, we have a few more
things. First, we need to configure the internal interface (let's just
say you use 192.168.0.0/24 for a private address-space),

  # ifconfig fxp0 inet 192.168.0.254

You are all set there. But we need NAT for the internal machines. That
is as simple as (provided the kernel has DIVERT built in, see natd(8)),

  # natd -u -n fxp1

Now, we need to add the divert rule to the firewall,

  # ipfw add 100 divert all any to any via fxp1

And that's really all you need there.

To get this to work on boot, edit rc.conf,

  hostname="really.long.ugly.home.com"
  network_interfaces="lo0 fxp0 fxp1"
  ifconfig_fxp0="inet 192.168.0.254"
  ifconfig_fxp1="inet <your public IP> netmask 255.255.255.0"
  firewall_enable="YES"
  firewall_type="open"
  natd_enable="YES"
  natd_interface="fxp1"
  natd_flags="-u"

> Has anyone seen a good tutorial on this?  I've tried a few but not only
did
> they not work I didn't even get enough of a response to figure out what
was
> not working.

If you've read all the stuff you said you did, I don't see how it
could be too much of a problem. Just try to get away from
/stand/sysinstall. The only thing that I like using it for besides
installing is that nice interactive interface to fdisk.
--
Crist J. Clark                           cjclark@home.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001bf7bf0$e9a16820$40390918>