Date: Mon, 3 Jun 2002 00:54:35 -0500 (EST)
From: Andre LeClaire
To: "a.s.gruner"
Subject: Re: ipfw+natd+ppp problem
In-Reply-To: <20020602200539.A1206@encephalon.de>
Message-ID: <20020603003926.T335-100000@localhost>

I'm not sure about ppp, but natd works great with pppd. However, it
looks to me like you need a "divert natd" rule in your firewall script.
Refer to /etc/rc.firewall. Actually, the easiest thing would be to
delete the "firewall_script" line, and add "firewall_type="OPEN"" to
/etc/rc.conf.

Andre

On Sun, 2 Jun 2002, a.s.gruner wrote:

> Hi.
>
> I have some problems with setting up ipfw+ppp+natd on my FreeBSD
> 4.6-RC machine.
>
> ppp is working perfectly (user ppp).
>
> Now I want to run ipfw as firewall and natd for the Windows box.
> FreeBSD Box has the interface xl0 with the IP 192.168.0.1
> Windows Box has the IP 192.168.0.2
> I can ping both of them.
>
> But I am not able to connect to the internet with the Windows box via
> the FreeBSD box.
> Ok, first the configuration:
>
> /etc/rc.conf:
> (just the parts for ipfw and natd)
>
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_script="/etc/firewall/fwrules"
>
> natd_program="/sbin/natd"
> natd_enable="YES"
> natd_interface="tun0"
> natd_flags="-dynamic"
>
>
> /etc/firewall/fwrules:
>
> ipfw add 65534 allow ip from any to any
>
>
> Yeah, I know there is no rule right now, it is all allowed. Well, on my
> FreeBSD Box everything is working perfectly.
>
> Ah, my kernel: I inserted these lines and compiled a new one before I
> did the above changes:
>
> options IPFIREWALL
> options IPFIREWALL_VERBOSE
> options IPFIREWALL_VERBOSE_LIMIT=100
> options IPDIVERT
>
>
> On my FreeBSD Box wwwoffle is also running, but whether this proxy is
> running or not, there is no difference, the Windows box can't get to
> the internet....
>
> On my Windows box I can't ping to the outside, and can't get a webpage
> at all.
>
> I am running ppp like:
>
> #ppp
> >dial internet
>
> Hmm, well, I hope I haven't forgotten anything, so that someone can
> help me out of this.
>
> Uh, I read that, before natd is running, ppp has to run. Well, I am
> using a dial-up modem connection and I don't want to run ppp on
> startup, so, is this the problem, that I am running natd before I run
> ppp? Well, if I kill natd, run ppp (connect to the internet) and start
> natd again, the Windows box can't get a connection either.
>
> On the Windows Box, I have inserted the DNS Server IP, like the one on
> the FreeBSD box in resolv.conf, and the gateway IP is the IP of the
> FreeBSD Box, 192.168.0.1 (xl0).
>
> asg
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message
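
The "divert natd" rule suggested in the reply, written into the poster's /etc/firewall/fwrules, plus a check that the divert rule is evaluated before the catch-all allow. This is an added example, not code from either poster; rule number 50, the IPFW dry-run variable and the function names fwrules and check_nat_rules are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread: /etc/firewall/fwrules with a divert rule.
# Dry run by default (prints the commands); set IPFW=/sbin/ipfw to apply them.
IPFW="${IPFW:-echo ipfw}"
natd_interface="${natd_interface:-tun0}"    # value from the quoted rc.conf

# Emit the ruleset. Rule number 50 is an arbitrary choice (assumption); it only
# has to be lower than the first rule that accepts the packet.
fwrules() {
    # Hand every packet crossing the ppp tunnel to natd for translation.
    ${IPFW} add 50 divert natd all from any to any via "${natd_interface}"
    # The poster's original catch-all, now reached only after natd has run.
    ${IPFW} add 65534 allow ip from any to any
}

# Read `ipfw list`-style lines on stdin ("<number> <action> ..."). Succeed only
# if a divert rule is evaluated before the first blanket allow, since ipfw
# stops at the first rule that accepts a packet.
# On the live box: ipfw list | check_nat_rules && echo "NAT rule in place"
check_nat_rules() {
    awk '
        $2 == "divert" && !blanket            { nat = 1 }
        /^[0-9]+ allow ip from any to any$/   { blanket = 1 }
        END { exit(nat ? 0 : 1) }
    '
}

fwrules
```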