Date:      Thu, 20 Jan 2000 08:28:34 -0500
From:      "Troy Settle" <stop@dashit.net>
To:        "lam" <lam@NUXI.com>, <questions@freebsd.org>
Subject:   RE: Natd and dhcp, 
Message-ID:  <NDBBLOMCGLFPEPCPJEKKKEBFCAAA.stop@dashit.net>
In-Reply-To: <Pine.BSF.3.96.1000119195747.82295A-100000@relay.nuxi.com>


The firewall rules are taken care of automagically by rc.firewall.  It's
already got a check in there for natd, and will add the appropriate rule.

For kicks, here's what I've got on one box I'm doing this on, I've got ed1
to the internet, and ed2 on my internal network:

# cat /etc/rc.conf | grep "applicable stuff"
firewall_enable="YES"
firewall_type="open"
network_interfaces="ed1 ed2 lo0"
ifconfig_ed1="inet 209.100.20.126  netmask 255.255.255.224"
ifconfig_ed2="inet 10.10.100.1 netmask 255.255.255.0"
natd_enable="YES"
natd_interface="ed1"
natd_flags="-s

# ipfw list
00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any

# cat /etc/dhcpd.conf
server-identifier 10.10.100.1;

subnet 10.10.100.0 netmask 255.255.255.0 {
  range 10.10.100.2 10.10.100.240;
  option domain-name-servers 209.100.20.2, 209.100.20.3;
  option routers 10.10.100.1;
  option subnet-mask 255.255.255.0;
  option broadcast-address 10.10.100.255;
  default-lease-time 2592000;
  max-lease-time 2592000;
}

subnet 209.100.20.96 netmask 255.255.255.224 {
}


Hope this helps...

-Troy




> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of lam
> Sent: Wednesday, January 19, 2000 23:07
> To: questions@freebsd.org
> Subject: Natd and dhcp,
>
>
>
> Hi,
>   I am trying to set up natd with dhcp.  One nic is using dhcp
> client, the other nic has a static ip (internal network).  My problem is
> trying to use natd to route everything from the 2nd one to the first one.
>   Natd manpage mentioned about the three rules in rc.firewall; where
> should I put them?
>   I set in rc.conf:
> 	firewall_enable="YES"
> 	firewall_type="simple"
>   and then I am stuck on the rc.firewall.  A simple rc.firewall example is
> more than appreciated.
>
> Thanks.
>
> ---Lam Nguyen
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
>



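A check on the rule order discussed in this thread, as an added example that is not part of the original messages: natd only sees packets if the divert rule on the outside interface comes before any rule that would accept or drop them first. The function name `check_divert` is hypothetical, and it makes the simplifying assumption that only an unconditional "from any to any" allow/deny rule can hide the divert rule.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `ipfw list` output on stdin.
# Prints one of:
#   ok NNNNN        divert rule on IFACE is reached first
#   shadowed NNNNN  rule NNNNN accepts/drops the traffic before the divert rule
#   missing         no divert rule on IFACE was found
# Live usage on the gateway:  ipfw list | check_divert ed1
check_divert() {
    awk -v ifc="$1" '
        # Only lines that start with a rule number are rules.
        $1 !~ /^[0-9]+$/ { next }
        {
            # Find the interface named by a "via" clause, if any.
            via = ""
            for (i = 2; i < NF; i++) if ($i == "via") via = $(i + 1)
            on_iface = (via == "" || via == ifc)
        }
        $2 == "divert" && via == ifc { print "ok " $1; found = 1; exit }
        # Assumption: only an unconditional terminating rule counts as shadowing.
        $2 ~ /^(allow|accept|pass|permit|deny|drop)$/ && on_iface &&
            / from any to any( via [a-z0-9]+)?$/ {
            print "shadowed " $1; found = 1; exit
        }
        END { if (!found) print "missing" }
    '
}

# The listing quoted in the reply above: divert is the first rule on ed1.
check_divert ed1 <<'EOF'
00100 divert 8668 ip from any to any via ed1
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 allow ip from any to any
EOF

# Constructed listing: an allow-all rule added ahead of the divert rule,
# so outbound packets leave without being translated.
check_divert ed1 <<'EOF'
00050 allow ip from any to any
00100 divert 8668 ip from any to any via ed1
65535 deny ip from any to any
EOF
```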