From owner-freebsd-questions Sun Dec 9 19:48:36 2001 Delivered-To: freebsd-questions@freebsd.org Received: from services.webwarrior.net (overlord-host99.dsl.visi.com [209.98.86.99]) by hub.freebsd.org (Postfix) with ESMTP id 823C337B416 for ; Sun, 9 Dec 2001 19:48:33 -0800 (PST) Received: from twincat.vladsempire.net (hutch-805.hutchtel.net [206.10.71.133]) by services.webwarrior.net (Postfix) with ESMTP id 4DAACFF for ; Sun, 9 Dec 2001 21:48:37 -0600 (CST) Received: by twincat.vladsempire.net (Postfix, from userid 1001) id 314703863; Sun, 9 Dec 2001 21:48:38 +0000 (GMT) Date: Sun, 9 Dec 2001 21:48:38 +0000 From: Josh Paetzel To: Donnie Jones Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD gateway problems Message-ID: <20011209214837.D562@twincat.vladsempire.net> Mail-Followup-To: Donnie Jones , freebsd-questions@FreeBSD.ORG References: <20011209203749.1575.qmail@web20607.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011209203749.1575.qmail@web20607.mail.yahoo.com>; from donniejones18@yahoo.com on Sun, Dec 09, 2001 at 12:37:49PM -0800 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Dec 09, 2001 at 12:37:49PM -0800, Donnie Jones wrote: > Hey all, > > I've got two ethernet cards, first one connecting from > my cable modem, the second going from the pc to my > ethernet switch. I have set up the gateway and nat to > my best ability. Each of the internal pc's I have > given an ip such as 192.168.0.11. I can ping the > linux box on my internat network, but for some reason > windows98 is acting odd and will not let me ping it. > I have set the gateway to 192.168.0.1 and the ip to > 192.168.0.10 for this win pc, but still no avail, any > ideas? > > Also, I am not sure if I need to add some routing > tables rules, or I heard something about adding -nat > to the gateway ethernet card? But, the computers on > my internal network can't reach the internet. I am > unsure how to fix this? > > Thanks for your time and patience, > > -Donnie Some copies of your config files would be helpful, but here is what needs to happen. 1) Gateway_enable="YES" in rc.conf 2) natd_enable="YES" in rc.conf 3) natd_interface="outside interface" 4) natd_flags="-dynamic" 5) firewall_enable="YES" 6) firewall_script="/etc/firewall/fwrules" Then create a file called /etc/firewall/fwrules with these lines: /sbin/ipfw -f flush /sbin/ipfw add divert natd all from any to any via externalinterface /sbin/ipfw add allow ip from any to any via lo0 /sbin/ipfw add allow ip from any to any via internalinterface /sbin/ipfw add allow ip from any to any Then compile your kernel with the following two lines: OPTIONS IPFILTER OPTIONS IPDIVERT then you should be all set. Josh > > __________________________________________________ > Do You Yahoo!? > Send your FREE holiday greetings online! > http://greetings.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message