Date: Sat, 03 Apr 1999 21:43:25 +0100
From: Brian Somers <brian@Awfulhak.org>
To: gummibear@we.mediaone.net
Cc: questions@FreeBSD.ORG
Subject: Re: Natd and Gateway Problems
Message-ID: <199904032043.VAA35507@keep.lan.Awfulhak.org>
In-Reply-To: Your message of "Fri, 02 Apr 1999 16:34:10 -0800." <3.0.6.32.19990402163410.0079a260@we.mediaone.net>

Where/how are you starting natd, and what does resolv.conf say ?

Can you ping machines by IP (once natd is started) ?

> Okay, so I've been screwing with this for about a week now. I'm sort of
> getting pretty frustrated. I've treated FreeBSD with love and care, and
> now it's spitting back in my face.
>
> Here's the deal. I got 1 Win95 machine, one FreeBSD machine, and 1 cable
> modem. I would like to use the FreeBSD machine as my Gateway and
> Workstation. It has 2 network cards (ed0 and ed1).
>
> I have read the manpages for natd. I have built a custom kernel with
> IPFIREWALL and IPDIVERT. Below I have listed most of my configuration
> files and output from ifconfig and netstat.
>
> My ISP information is as follows:
>
> My IP: 24.130.60.137
> ISP's Gateway: 24.130.60.1
> ISP's Netmask: 255.255.252.0
>
> Here's my config files and stuff:
>
> My rc.conf:
>
> # -- sysinstall generated deltas -- #
> ifconfig_ed0="inet 24.130.60.137 netmask 255.255.252.0"
> ifconfig_ed1="inet 10.0.0.1 netmask 255.255.255.0"
> defaultrouter="24.130.60.1"
> network_interfaces="ed0 ed1 lo0"
> hostname="gummibear.we.mediaone.net"
> firewall_enable="YES"
> gateway_enable="YES"
>
> My rc.firewall:
>
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd ip from any to any via ed0
> /sbin/ipfw add allow ip from any to any
>
> My netstat -rn:
>
> Internet:
> Destination      Gateway            Flags   Refs   Use   Netif   Expire
> default          24.130.60.1        UGSc    1      194   ed0
> 24.130.60/22     link#1             UC      0      0     ed0
> 24.130.60.1      0:90:2b:93:c8:20   UHLW    1      0     ed0     1137
> 127.0.0.1        127.0.0.1          UH      0      0     lo0
>
> My ifconfig -a:
>
> ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 24.130.60.137 netmask 0xfffffc00 broadcast 24.130.63.255
>         ether 52:54:00:e1:14:b7
> ed1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>         ether 52:54:05:de:cc:f6
> tun0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>         inet 127.0.0.1 netmask 0xff000000
>
> My dmesg | more:
>
> Copyright (c) 1992-1999 FreeBSD Inc.
> Copyright (c) 1982, 1986, 1989, 1991, 1993
>         The Regents of the University of California. All rights reserved.
> FreeBSD 3.1-RELEASE #2: Sun Mar 28 23:41:57 PST 1999
>     root@gummibear.we.mediaone.net:/usr/src/sys/compile/GUMMIBEAR
> Timecounter "i8254" frequency 1193182 Hz
> Timecounter "TSC" frequency 124231938 Hz
> CPU: Pentium/P54C (124.23-MHz 586-class CPU)
>   Origin = "GenuineIntel" Id = 0x52c Stepping=12
>   Features=0x1bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8>
> real memory = 67108864 (65536K bytes)
> avail memory = 62959616 (61484K bytes)
> Preloaded elf kernel "kernel" at 0xf0236000.
> Probing for devices on PCI bus 0:
> chip0: <Intel 82437FX PCI cache memory controller> rev 0x02 on pci0.0.0
> chip1: <Intel 82371FB PCI to ISA bridge> rev 0x02 on pci0.7.0
> ide_pci0: <Intel PIIX Bus-master IDE controller> rev 0x02 on pci0.7.1
> ed0: <NE2000 PCI Ethernet (RealTek 8029)> rev 0x00 int a irq 10 on pci0.8.0
> ed0: address 52:54:00:e1:14:b7, type NE2000 (16 bit)
> ed1: <NE2000 PCI Ethernet (RealTek 8029)> rev 0x00 int a irq 11 on pci0.9.0
> ed1: address 52:54:05:de:cc:f6, type NE2000 (16 bit)
>
> <cut a bunch of misc hardware crap>
>
> IP packet filtering initialized, divert enabled, rule-based forwarding
> disabled, logging disabled
> changing root device to wd0s2a
>
> Yeah, I know that the ifconfig doesn't have settings for ed1. As a last
> resort I deleted the ed1 entry to see if I can at least try to ping out of
> ed0. But zero, I can't do shit. I can't ping anything. It just doesn't
> work. If I try to ping yahoo.com it just hangs there. When I boot it
> hangs at sendmail and then I do a ctl-c to kill that and move on.
>
> Some sample configurations, or a full blown detailed description of a
> working system would be greatly appreciated. I guess if I can follow what
> someone else did, then I can get this to work. I don't care about security
> right now, I just want it to work. Then I'll worry about making stricter
> firewall rules. (once I figure out how).
>
> Thanks for your help.
>
> Joey
>
> ================================================================
> Joey Bear Garcia
> Downey, CA
> bear@pacificnet.net
> ================================================================

--
Brian <brian@Awfulhak.org> <brian@FreeBSD.org> <brian@OpenBSD.org>
<http://www.Awfulhak.org>
Don't _EVER_ lose your sense of humour !

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message