From: Laszlo Vagner
Organization: Applied Mechanical
To: questions@freebsd.org
Subject: wierd problem with natd
Date: Tue, 21 Mar 2000 14:22:39 -0700
Message-Id: <00032114373100.05442@john.vagner.com>

I have 2 network cards, vr0 and ed1, installed with firewall enabled and using a rule that is open, running natd -n ed1. The 2 machines are 192.168.151.1 and .2; the vr0 interface is .0 and the ed1 interface is on the outside net.

I can ping the Internet from the .1 machine through the gateway but not from the .2 machine. I tried pinging IP addresses inside and that works, but not the outside interface, on 1 machine only. I hope this is clear...

The inside machines are Win 98 and the gateway is set to the outside interface address.

Here is some output from relevant things; sorry for the long lines.

$ ifconfig -a
ed1: flags=8843 mtu 1500
        inet 24.1.216.237 netmask 0xfffffc00 broadcast 24.1.219.255
        ether 00:80:c8:c1:3f:45
vr0: flags=8843 mtu 1500
        inet 192.168.151.140 netmask 0xffffff00 broadcast 192.168.151.255
        ether 00:50:ba:a9:e1:60
        media: 10baseT/UTP
        supported media: autoselect 100baseTX 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 10baseT/UTP
lp0: flags=8810 mtu 1500
tun0: flags=8010 mtu 1500
sl0: flags=c010 mtu 552
ppp0: flags=8010 mtu 1500
lo0: flags=8049 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
$
$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            24.1.216.1         UGSc       65    29198      ed1
24.1.216/22        link#1             UC          0        0      ed1
24.1.216.1         0:e0:34:4b:b0:0    UHLW       63        8      ed1   1193
24.1.216.237       0:80:c8:c1:3f:45   UHLW        1      273      lo0
24.1.219.255       ff:ff:ff:ff:ff:ff  UHLWb       0        1      ed1
127.0.0.1          127.0.0.1          UH          0       19      lo0
192.168.151        link#2             UC          0        0      vr0
192.168.151.140    0:50:ba:a9:e1:60   UHLW        0        8      lo0
192.168.151.141    0:80:c8:c1:59:73   UHLW        0        4      vr0   1168
192.168.151.142    0:60:8:e0:6e:4b    UHLW        0        7      vr0   1177
192.168.151.255    ff:ff:ff:ff:ff:ff  UHLWb       0        7      vr0
$
$ uname -a
FreeBSD www.timandpatrick.com 3.3-STABLE FreeBSD 3.3-STABLE #1: Sun Nov 28 17:20:01 MST 1999 root@www.timandpatrick.com:/usr/src/sys/compile/GENERIC i386
$
$ cat firewall
/sbin/ipfw -f flush
/sbin/ipfw add 1000 divert natd all from any to any via ed1
/sbin/ipfw add 2000 pass all from any to any
$
$ cat rc.conf
# This file now contains just the overrides from /etc/defaults/rc.conf
# please make all changes to this file.
# -- sysinstall generated deltas -- #
moused_enable="YES"
gateway_enable="YES"
network_interfaces="ed1 vr0 lo0"
ifconfig_ed1="inet 24.1.216.237 netmask 255.255.252.0"
ifconfig_vr0="inet 192.168.151.140 netmask 255.255.255.0"
defaultrouter="24.1.216.1"
hostname="www.timandpatrick.com"
$

relevant /etc/defaults/rc.conf

firewall_enable="YES"           # Set to YES to enable firewall functionality
firewall_script="/etc/firewall" # Which script to run to set up the firewall
firewall_type="open"            # Firewall type (client /etc/rc.firewall)
firewall_quiet="NO"             # Set to YES to suppress rule display
natd_program="/sbin/natd"       # path to natd, if you want a different one.
natd_enable="YES"               # Enable natd (if firewall_enable == YES).
natd_interface="ed1"            # Public interface or IPaddress to use.
natd_flags=""                   # Additional flags for natd.