From owner-freebsd-questions@FreeBSD.ORG  Fri Jul  2 03:24:33 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C8D4116A4CE
	for <freebsd-questions@FreeBSD.org>;
	Fri,  2 Jul 2004 03:24:33 +0000 (GMT)
Received: from toman.time.net.my (pop.time.net.my [203.121.16.80])
	by mx1.FreeBSD.org (Postfix) with SMTP id 5F5AC43D4C
	for <freebsd-questions@FreeBSD.org>;
	Fri,  2 Jul 2004 03:24:31 +0000 (GMT)
	(envelope-from tonylth@pd.jaring.my)
Received: (qmail 72876 invoked from network); 2 Jul 2004 03:22:05 -0000
Received: from unknown (HELO pd.jaring.my) (211.24.130.170)
  by 0 with SMTP; 2 Jul 2004 03:22:05 -0000
Message-ID: <40E4D519.20605@pd.jaring.my>
Date: Fri, 02 Jul 2004 11:23:05 +0800
From: Tony Liew <tonylth@pd.jaring.my>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.6b) Gecko/20031208
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@FreeBSD.org
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.1
Subject: Problem with gateway and ipfw in FreeBSD 5.2
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jul 2004 03:24:33 -0000

Hi,

Currently I am trying out FreeBSD 5.2.

SDSL modem
    |   
    |
    |
    |
    |
    |
FreeBSD Router
    |
    |
    |
    |
Internal network

My problem, from FreeBSD I can ping outside and inside network.
from Internal network, I can ping internal interface and external 
interface of FreeBSD Router. But I cannot ping the modem IP address so 
goes public DNS server on the internet.

I have in my KERNEL:
options   BRIDGE
options   DIVERT
options   IPFIREWALL
options   IPFIREWALL_DEFAULT_TO_ACCEPT

rc.conf
gateway_enable="YES"
defaultrouter="<modem ip>"
firewall_enable="YES"
firewall_type="OPEN"
natd_interface="<external interface>"
natd_enable="YES"
router_enable="YES"

sysctl.conf

net.link.ether.bridge.enable=1
net.link.ether.bridge.config=external interface, internal interface
net.link.ether.bridge.ipfw=1


client on the internal network cannot connect to the internet. Any 
suggestion?

Thanks a lot.

Regards,
Tony Liew