From: "Brian Davis"
Subject: "simple" ipfw question
Date: Wed, 22 Jan 2003 06:48:45 -0600
Message-ID: <000501c2c214$99dbd290$0200a8c0@Tower>

Greetings,

I am attempting to build a dual-homed firewall using FreeBSD 4.7 RELEASE. The PC is presently connected to a corporate LAN with DHCP and DNS servers and a broadband connection to the Internet.

The outside interface (rl0) is configured as follows:

    IP address: a.b.148.62 (dynamically assigned)
    Subnet:     255.255.248.0
    Gateway:    a.b.144.254
    DNS:        a.b.144.1

The inside interface (rl1) is configured as follows:

    IP address: 192.168.1.1
    Subnet:     255.255.255.0

My private network consists of one workstation which is set up as follows:

    IP address: 192.168.1.2
    Subnet:     255.255.255.0
    Gateway:    192.168.168.1
    DNS:        a.b.144.1

When I use the "open" ruleset in /etc/rc.firewall, the workstation on my private network can get through the firewall to the LAN and the Internet. When I switch to the "simple" ruleset, the firewall stops forwarding packets. From the console, I can ping the outside and inside interfaces, but nothing else. Everything looks normal in dmesg.

Additional info upon request!

Brian Davis