From owner-freebsd-questions@FreeBSD.ORG  Fri Aug 15 17:36:18 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F420537B401
	for <FreeBSD-questions@FreeBSD.org>;
	Fri, 15 Aug 2003 17:36:17 -0700 (PDT)
Received: from out003.verizon.net (out003pub.verizon.net [206.46.170.103])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F166A43FA3
	for <FreeBSD-questions@FreeBSD.org>;
	Fri, 15 Aug 2003 17:36:16 -0700 (PDT)	(envelope-from mike@pcmedx.com)
Received: from duron.pcmedx.com ([4.46.1.67]) by out003.verizon.net
          (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP
          id <20030816003616.UTKE29617.out003.verizon.net@duron.pcmedx.com>;
          Fri, 15 Aug 2003 19:36:16 -0500
Received: from localhost (localhost [127.0.0.1])
	by duron.pcmedx.com (Postfix) with ESMTP
	id 98BE3AE49; Fri, 15 Aug 2003 17:36:15 -0700 (PDT)
Received: from mike (mike.pcmedx.com [192.168.240.244])
	by duron.pcmedx.com (Postfix) with SMTP
	id DD0CBACB3; Fri, 15 Aug 2003 17:36:14 -0700 (PDT)
Message-ID: <001201c3638e$6b1f38e0$f4f0a8c0@pcmedx.com>
From: "Mike Maltese" <mike@pcmedx.com>
To: <FreeBSD-questions@FreeBSD.org>
References: <2305CFC39C15AA4896E06E5C91C509EF03743858@VS2.hdi.tvcabo>
Date: Fri, 15 Aug 2003 17:36:22 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-Virus-Scanned: by amavisd (http://www.amavis.org) and f-prot
	(http://www.f-prot.com) at pcmedx.com
X-Authentication-Info: Submitted using SMTP AUTH at out003.verizon.net from
	[4.46.1.67] at Fri, 15 Aug 2003 19:36:16 -0500
cc: geek <geek@netcabo.pt>
Subject: Re: Gateway problemas
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Aug 2003 00:36:18 -0000


> block in log all
> block out log all

You don't need these since you used IPFITLER_DEFAULT_BLOCK (per your last
message). If you want to log blocked traffic, add

block in log quick on ep1 all

at the end of your rules for that interface.

You may want to try setting all interfaces to pass in/out quick until you
achieve connectivity.

> hostname=""
> ifconfig_rl0="DHCP"
> ifconfig_rl1="192.168.0.0"
> kern_securelevel_enable="NO"
> sendmail_enable="NONE"
> sshd_enable="YES"
> usbd_enable="YES"
> inetd_enable="NO"
> portmap_enable="NO"
> ipfilter_enable="YES"
> ipfilter_rules="/etc/ipf.rules"
> ipnat_enable="YES"
> ipnat_rules="/etc/ipf.rules"
> ipmon_enable="YES"
> ipmon_flags="-Dsn"

You're missing gateway_enable="YES". Do a sysctl net.inet.ip.forwarding to
ensure that this sysctl is indeed set to 1. Then you don't need the entry is
sysctl.conf.