Date:      Fri, 7 Jul 2000 04:21:30 +0200
From:      Jens Sauer <pirol9999@gmx.net>
To:        RaymundoVega@home.com
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: IPFW-question
Message-ID:  <20000707021948.E442337BCF1@hub.freebsd.org>

> Jens Sauer wrote:
>>
>> Hi all,
>>
>> i am using ipfw for the very first time and have the following problem:
>>
>> i configured my kernel with FIREWALL- and IPDIVERT-support for NATD,
>> because of my private-address-clients.
>>
>> my rc.conf looks that way:
>>
>>         ...
>>         **ISDN-things**
>>         ...
>>         natd_enable="YES"
>>         natd_interface="isp0"
>>         natd_flags="-dynamic"
>>         firewall_enable="YES"
>>         gateway_enable="YES"
>>
>> my isdn-interface ISP0 is working fine, when i ping the internet from
>> the firewall, it dials, all ok.
>>
>> but when i traceroute into the internet from a LAN-client (192.168.0.x),
>> the isdn-card on the firewall is successfully dialing (interface is up),
>> but the packets are only going up to the network-card on the firewall,
>> then i get a timeout.
>>
>> I configured IPFW like that:
>>
>>         ipfw -f flush
>>         ipfw add pass all from any to any
>>         ipfw add divert natd all from any to any via isp0



> I think the ipfw divert must go before the pass line

> raymundo

I have tried that too, no change.
I forgot to mention the entry firewall_script="/etc/firewall/mine" in
rc.conf, where "mine" ran the above ipfw-commands.
I also tried firewall_type="open" (but the rc.firewall-script
is running the same commands, when configured as "open")

thanks anyway for your help, i will try further
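
The ordering point from the reply quoted above, as an added example that is not part of the original mail: ipfw gives unnumbered rules the highest existing number plus 100 and stops at the first terminating match, so a catch-all pass rule ahead of a divert rule keeps packets from ever reaching natd. The helper names (posted_rules, divert_first_rules, check_ipfw_order) are hypothetical, and the check covers rule ordering only.

```shell
# Added example (not from the original mail): flag divert rules that an
# earlier catch-all pass rule makes unreachable under first-match evaluation.
# Constructed input: the ruleset as posted in the question.
posted_rules() {
    cat <<'EOF'
ipfw -f flush
ipfw add pass all from any to any
ipfw add divert natd all from any to any via isp0
EOF
}
# Constructed input: the same rules in the order suggested in the reply.
divert_first_rules() {
    cat <<'EOF'
ipfw -f flush
ipfw add divert natd all from any to any via isp0
ipfw add pass all from any to any
EOF
}

# Reads "ipfw add" lines on stdin; returns 1 if a divert rule is shadowed.
check_ipfw_order() {
    awk '
    $1 == "ipfw" && $2 == "add" {
        i = 3   # optional explicit rule number, else highest so far + 100
        if ($i ~ /^[0-9]+$/) { num = $i + 0; i++ } else { num = last + 100 }
        if (num > last) last = num
        body = ""; sep = ""
        for (j = i + 1; j <= NF; j++) { body = body sep $j; sep = " " }
        n++; nums[n] = num; acts[n] = $i; bodies[n] = body; idx[n] = n
    }
    END {
        for (a = 2; a <= n; a++) {          # stable sort by rule number
            k = idx[a]
            for (b = a - 1; b >= 1 && nums[idx[b]] > nums[k]; b--) idx[b + 1] = idx[b]
            idx[b + 1] = k
        }
        for (a = 1; a <= n; a++) {
            k = idx[a]
            if (shadow && acts[k] == "divert") {
                printf "rule %05d (divert %s) is unreachable: rule %05d already passes everything\n", nums[k], bodies[k], shadow
                bad = 1
            }
            if (!shadow && acts[k] ~ /^(pass|allow|accept|permit)$/ && bodies[k] ~ /^(all|ip) from any to any$/) shadow = nums[k]
        }
        exit bad + 0
    }'
}

posted_rules | check_ipfw_order || true
```

On a live FreeBSD system, `ipfw show` lists the loaded rules with packet counters, which shows whether the divert rule is being hit at all.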

