Date: Thu, 20 Apr 2000 19:47:56 -0700 (PDT) From: Alan Chan <alanux@excite.com> To: freebsd-questions@FreeBSD.ORG Subject: Network Troubleshooting (ipf.rules and ipnat.rules) Message-ID: <15653767.956285276711.JavaMail.imail@ants.excite.com>
next in thread | raw e-mail | index | archive | help
Hi all, I've spent countless hours troubleshooting my network, but couldn't get to work so I'm asking for any help I can get. I have a small network setup and I'm using ipnat.rules and ipf.rules (from OpenBSD) for ip filtering on my FreeBSD gateway/firewall machine. Here's the sittuation: I have two network cards installed on my firewall machine; of the two cards, one entails an external ip address (dco has a cable modem static ip address given by ATHOME) and the other entails a private ip address (dc1: 192.168.1.1). On a separate machine is my DNS server, which includes one network card with a private IP address (192.168.1.2). I have eight computers connected on a 3Com switch. So here's the question: What are some of the commands/things that I (can) need to use to troubleshoot my network? I've used the following the files to config: /etc/rc.conf /etc/resolv.conf /etc/hosts Here is what I did to set up my network: (1) /stand/sysinstall => index => interfaces => no for multi-user => no dhcp => dc0 => dc1 (2) add primary and secondary addresses to resolv.conf file (3) edit the "/etc/hosts" file For my gateway/firewall server, I used "ifconfig -a" and it showed that all network devices have the correct ip address. However, when i used "netstat -rn", 192.168.1.1 has a "netif" of lo0, while 192.168.1.2 has a "netif" of dc1? I was expecting 192.168.1.1 to have dc1... I can ping from 192.168.1.2 to 192.168.1.1 and vice-versa (also work when pinging with any address on the network). However, I can't ping to the outside world (i.e. cnet.com or yahoo.com). I've checked my "etc/resolv.conf" file and it contains the correct dns address. I am thinking that there has to be a problem with my ipnat.rules or ipf.rules, but not really sure. Anyway, i'm having trouble connecting back to the Internet. I appreciate any feedback or insights anyone can give. Sorry if I did not do a good job explaining my problem. _______________________________________________________ Get 100% FREE Internet Access powered by Excite Visit http://freelane.excite.com/freeisp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15653767.956285276711.JavaMail.imail>