Date:      Mon, 10 Dec 2001 02:06:03 -0800 (PST)
From:      Donnie Jones <donniejones18@yahoo.com>
To:        Josh Paetzel <friar_josh@webwarrior.net>
Cc:        Freebsd-questions@freebsd.org
Subject:   Re: FreeBSD gateway problems
Message-ID:  <20011210100603.93607.qmail@web20604.mail.yahoo.com>
In-Reply-To: <20011209214837.D562@twincat.vladsempire.net>


--- Josh Paetzel <friar_josh@webwarrior.net> wrote:
> On Sun, Dec 09, 2001 at 12:37:49PM -0800, Donnie Jones wrote:
> > Hey all,
> > 
> > I've got two ethernet cards, first one connecting from
> > my cable modem, the second going from the pc to my
> > ethernet switch.  I have set up the gateway and nat to
> > my best ability.  Each of the internal pc's I have
> > given an ip such as 192.168.0.11.  I can ping the
> > linux box on my internal network, but for some reason
> > windows98 is acting odd and will not let me ping it.
> > I have set the gateway to 192.168.0.1 and the ip to
> > 192.168.0.10 for this win pc, but still no avail, any
> > ideas?
> > 
> > Also, I am not sure if I need to add some routing
> > tables rules, or I heard something about adding -nat
> > to the gateway ethernet card?  But, the computers on
> > my internal network can't reach the internet.  I am
> > unsure how to fix this?
> > 
> > Thanks for your time and patience,
> > 
> > -Donnie
> 
> Some copies of your config files would be helpful,
> but here is what needs to happen.
> 
> 1) gateway_enable="YES" in rc.conf
> 2) natd_enable="YES" in rc.conf
> 3) natd_interface="outside interface"
> 4) natd_flags="-dynamic"
> 5) firewall_enable="YES"
> 6) firewall_script="/etc/firewall/fwrules"
> 
> Then create a file called /etc/firewall/fwrules with these lines:
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via externalinterface
> /sbin/ipfw add allow ip from any to any via lo0
> /sbin/ipfw add allow ip from any to any via internalinterface
> /sbin/ipfw add allow ip from any to any
> 
> Then compile your kernel with the following two lines:
> options 	IPFIREWALL	# ipfw(8) support
> options 	IPDIVERT	# divert sockets, used by natd
> 
> then you should be all set.
> 
> Josh
> 



Thanks for the help, I'll try it out soon.

Question though.  Why would I want the -dynamic flag
on natd?

Also, in my rc.conf I have:

Firewall_type="OPEN"

And, if I don't have the entries for the pc's on my
LAN in /etc/hosts will they still be able to connect
to the internet through the gateway?

Thanks again.

-Donnie
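
An added example, not part of either message: a small sh lint for the rc.conf settings listed in the quoted reply, which also reports a key whose capitalisation differs from the name rc reads (shell variable names are case-sensitive). The function name, the sample file and the interface name ed0 are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: lint an rc.conf for the gateway/NAT
# settings listed in the quoted reply. rc.conf is read by /bin/sh, so names
# are case-sensitive and a capitalised key is silently ignored.

# check_gateway_conf FILE: print one finding per line, nothing if clean.
check_gateway_conf() {
    conf=$1
    for key in gateway_enable natd_enable natd_interface firewall_enable; do
        line=$(grep -E "^[[:space:]]*${key}=" "$conf" | tail -n 1)
        if [ -z "$line" ]; then
            wrong=$(grep -iE "^[[:space:]]*${key}=" "$conf" | tail -n 1)
            if [ -n "$wrong" ]; then
                echo "CASE: ${wrong%%=*} should be spelled ${key}"
            else
                echo "MISSING: ${key}"
            fi
            continue
        fi
        # Strip the key, a trailing comment and quotes; lower-case the value.
        val=$(printf '%s\n' "$line" | sed -e 's/^[^=]*=//' \
            -e 's/[[:space:]]*#.*$//' -e "s/[\"']//g" | tr 'A-Z' 'a-z')
        case $key in
            *_enable)
                case $val in
                    yes) ;;   # only YES (any case) is treated as enabled here
                    *) echo "DISABLED: ${key}=${val}" ;;
                esac ;;
            natd_interface)
                [ -n "$val" ] || echo "EMPTY: natd_interface" ;;
        esac
    done
    # rc.firewall's OPEN type passes all traffic; report it explicitly.
    if grep -qE '^[[:space:]]*firewall_type="?[Oo][Pp][Ee][Nn]"?' "$conf"; then
        echo "NOTE: firewall_type is OPEN (rc.firewall passes all traffic)"
    fi
}

# Constructed sample input (interface name ed0 is an assumption).
sample=$(mktemp)
cat > "$sample" <<'EOF'
Gateway_enable="YES"
natd_enable="YES"
natd_interface="ed0"
firewall_type="OPEN"
EOF
check_gateway_conf "$sample"
rm -f "$sample"
```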

