From owner-freebsd-questions  Mon Jul 14 06:01:52 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id GAA19900
          for questions-outgoing; Mon, 14 Jul 1997 06:01:52 -0700 (PDT)
Received: from nx1.HRZ.Uni-Dortmund.DE (nx1.HRZ.Uni-Dortmund.DE [129.217.131.3])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA19882
          for <freebsd-questions@FreeBSD.ORG>; Mon, 14 Jul 1997 06:01:45 -0700 (PDT)
Received: from ZEDO.E-Technik.Uni-Dortmund.DE by nx1.hrz.uni-dortmund.de 
          with SMTP (PP); Mon, 14 Jul 1997 15:01:16 +0200
Received: from astral.chemietechnik.uni-dortmund.de 
          by ZEDO.E-Technik.Uni-Dortmund.DE (SMI-8.6/ZEDO-(CT/ET/MB)-09/09/96-12.00h) 
          id PAA28403; Mon, 14 Jul 1997 15:00:56 +0200
Received: by astral.chemietechnik.uni-dortmund.de (SMI-8.6/SMI-SVR4) 
          id PAA20961; Mon, 14 Jul 1997 15:00:49 +0200
Date: Mon, 14 Jul 1997 15:00:49 +0200
From: jr@ZEDO.E-Technik.Uni-Dortmund.DE (joerg roslawski)
Message-Id: <199707141300.PAA20961@astral.chemietechnik.uni-dortmund.de>
To: freebsd-questions@FreeBSD.ORG
Subject: Firewall (Dual-Homed-Host) configuration-problems
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-MD5: eTg8hLJcmXVc3LXhO1X09A==
Sender: owner-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk



I am using FreeBSD 2.2.2-Release, trying to build a packet filtering router with 
two Ethernetcards (ed0, ed1).

- I compiled a new Kernel with options Firewall enabled.
- I edited the rc.conf file with correct entries of ed0 and ed1 and              
  set Firewalltype="simple".
- I set inside - and outside interface network in rc.firewall
- I allow "all from any to any via ed0" and "all from anny to any via ed1" at    
  first, in order to check connections.

When there are both Ethernetcards in the rc.conf, I have only the possibility to 
access the Network through ed0. Only when remarking the entry of ed0 I am also 
able to access the Network through ed1. 

Questions :
* What must be done to make both ether-cards work in that Dual-Homed-Host ?
* Needs this Dual-Homed Host to be configured as a router and do I have to
  create a routing table although a router exists on another machine ?
* Should I set gateway="YES" in rc.conf ?  
  
 
Thanks a lotfor your help. 
= J. Roslawski =
eMail : jr@astral.zedo.fuedo.de