Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 09 Jun 1998 00:59:15 +0100
From:      Brian Somers <brian@Awfulhak.org>
To:        David Boisvert <David_Boisvert@uqtr.uquebec.ca>
Cc:        FreeBSD questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: ipfw & natd problems 
Message-ID:  <199806082359.AAA17886@awfulhak.org>
In-Reply-To: Your message of "Mon, 08 Jun 1998 17:46:34 EDT." <357C5B79.446B9B3D@uqtr.uquebec.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 
You'll need to ``divert'' packets to natd in your firewall rules as 
described in the man page.

> Hi,
> 
>   I need some assistance and help with the install of ipfw and natd. I
> have a P100 with FreeBSD 2.2.6 on it and I also have a 489dx66 with
> win3.11 for workgroup. I can telnet from my win3.11 to my FreeBSD box
> and myFreeBSD box can ping my 486.
> 
> My settings are:
> 
> 205.151.62.42   : Cable modem connected to the internet (ed1)
> 192.168.1.1     : Second ethernet card in the FreeBSD 
>                   connected to the 486 (ed2)
> 192.168.1.2     : Third ethernet card in the 486
> 
> 
> In the 486:
> 
> IP Adress               192.168.1.2
> SubnetMASK              255.255.255.0
> Default Gateway         192.168.1.1
> Primary Wins Server     1.1.1.1
> Secondary Wins Server   1.1.1.1
> 
> Enable dns for windows name resolution
> 
> dns                     205.151.69.200 (same as my FreeBSD box)
> 
> /etc/rc.conf
> 
> firewall_enable="YES"         
> firewall_type="open"
> firewall_quiet="NO" 
> gateway_enable="YES"
> 
> KERNEL:
> 
> options IPFIREWALL                      #code packet filtering
> options IPFIREWALL_VERBOSE              #logging packet throught syslogd
> options IPFIREWALL_VERBOSE_LIMIT=20     #limits the numbers of
> packets                                           #logged throught
> syslogd on a                                                    #per day
> basis
> options IPDIVERT                        #for the use of NATD
> 
> 
> FIREWALL:
> 
> 01000 allow ip from any to any via lo0
> 01010 deny ip from 127.0.0.0/8 to 127.0.0.0/8
> 65000 allow ip from any to any
> 65535 deny ip from any to any
> 
> 
> /etc/services:
> 
> natd            6668/divert # Network adress translation socke
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 

-- 
Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
      <http://www.Awfulhak.org>;
Don't _EVER_ lose your sense of humour....



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806082359.AAA17886>