From owner-freebsd-ipfw@FreeBSD.ORG Tue May 8 16:43:53 2007 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4371C16A400 for ; Tue, 8 May 2007 16:43:53 +0000 (UTC) (envelope-from gbell72@rogers.com) Received: from web88007.mail.re2.yahoo.com (web88007.mail.re2.yahoo.com [206.190.37.194]) by mx1.freebsd.org (Postfix) with SMTP id EA2CA13C45B for ; Tue, 8 May 2007 16:43:52 +0000 (UTC) (envelope-from gbell72@rogers.com) Received: (qmail 8238 invoked by uid 60001); 8 May 2007 16:43:52 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=rogers.com; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=afI/mKbrfe8e3bBkUdfgfgcVvAHAA2Z+e2JIrzK2iaiK0hEIu0OIfq3JkqxxgWKbS4ydNrcTcHGfI8eDVH6R/gblb1ISIO5Q4wndjZRecBbzO9VEkQZ4wuK1Ju8ewTwG0f/Z8ng8bXsFeZlhJeSMtrwiaqD+qHOWnqQfs68GoTA=; X-YMail-OSG: QRe1h.gVM1lcn7.c2zpoUa.QCJXeVjHqNf36ySS98H0l1VaNl6MK7S.70HS0bPEb8kd.dzeZvfurEgfgKbJLxg5t8eBfQGF6mFnf86s6gXJx1Ppnr_TdHLoZ2oyxDsGcHRczI8zNySs- Received: from [74.100.62.56] by web88007.mail.re2.yahoo.com via HTTP; Tue, 08 May 2007 12:43:52 EDT Date: Tue, 8 May 2007 12:43:52 -0400 (EDT) From: Gardner Bell To: John Nielsen , freebsd-ipfw@freebsd.org In-Reply-To: <200705081221.46248.lists@jnielsen.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <282919.6049.qm@web88007.mail.re2.yahoo.com> Cc: Gardner Bell Subject: Re: IPFW and NATD problem X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 May 2007 16:43:53 -0000 --- John Nielsen wrote: > On Tuesday 08 May 2007 11:40:58 am Gardner Bell wrote: > > Hi all, > > > > I've been following the IPFW section in the handbook and > /etc/rc.firewall > > to try and setup a gateway for my home LAN but I'm having a bit of > trouble > > getting access to the internet. My network setup looks like so. > > > > 192.168.x.x bge1 - 192.168.x.x bge0 > x.x.x.x > > > --LAN------------Switch---------FreeBSD-------------------------------ISP > > > > Bge0 successfully receives an IP from my ISP's DHCP server and I > can ping > > the LAN without any issues. When it comes to accessing the > internet I get > > a hostname lookup failure. > > > > Any help resolving this is greatly appreciated. > > Do you have "gateway_enable=yes" in your /etc/rc.conf? (check the > value of the > net.inet.ip.forwarding sysctl). dan@mx1$ cat /etc/rc.conf | grep gateway gateway_enable="YES" dan@mx1$ sysctl -a | grep ip.for net.inet.ip.forwarding: 1 > > What DNS server is your LAN machine trying to use? Can you ping it > (or > anything else) by IP? My LAN is presently using MY ISP's DNS server until I get a caching name server configured on the gateway. I can't ping the DNS server by IP or hostname but I can ping everything else that is on my LAN by IP. Including the switch, the IP that is assigned to bge1 and all the IPs I have assigned to the machines behind the switch. > > JN > Gardner