Date: Sun, 2 Aug 1998 11:14:28 -0700 (PDT)
From: Mike Reeh <michaelr@ss454.dyn.ml.org>
To: "David W. Curry" <david@magickalhome.com>
Cc: FreeBSD Questions <freeBSD-questions@FreeBSD.ORG>
Subject: Re: I am running out of hope for hatd or any proxy at that!
Message-ID: <Pine.BSF.3.96.980802105104.1224A-100000@ss454.dyn.ml.org>
In-Reply-To: <01bdbd91$a5262510$01c8a8c0@dskntws1>
This is what I've done to set up natd on my lan to allow the internal machines to see the rest of the internet, several times successfully.. i'll try to remember everything.

First things first, build your kernel with:

    options IPFIREWALL
    options IPFIREWALL_DEFAULT_TO_ACCEPT
    options IPDIVERT

now, default to accept isn't necessary but i'd use it just to be safe....

after you build your kernel, do a quick edit of your /etc/rc.conf and change these values:

    firewall_enable="YES"
    firewall_type="/etc/rc.firewall"
    gateway_enable="YES"

firewall_type is now pointing to another file named /etc/rc.firewall which is something i made up so don't expect to figure that one out..

now what you need to do is open an editor (vi, ee, joe, pico, etc) on your /etc/rc.firewall file (will be a new file) and enter these lines, which i happened to have taken directly from the natd man page, but work perfectly:

    /sbin/ipfw -f flush
    /sbin/ipfw add divert natd all from any to any via ppp0
    /sbin/ipfw add pass all from any to any

ppp0 is what you need to change to your public network interface.. for me, i unfortunately don't have ether to the internet, i have a lousy dialup ppp connection, but it works.. if you have ethernet, use the interface (i.e. de0, ed0, etc) that actually talks to the internet.

now you need to edit your /etc/services file.... you need to add a separate line with this in it:

    natd 8668/divert #NATD

next is for your natd rules.... for this i used a file called /etc/natd.conf in which i have the following lines:

    use_sockets
    same_ports
    interface ppp0

again, use the same interface that you did with your /etc/rc.firewall (it's the PUBLIC network interface)

ok now we're getting close... what i did then was edit my /etc/rc.local to start up natd automagically... i did it by modifying the "starting local daemons" part.. i don't remember exactly what it looked like before but this is what it looks like now:

    echo -n 'starting local daemons:'
    echo -n ' natd' ; /usr/sbin/natd -f /etc/natd.conf

as you can see it starts natd with the options file (-f) /etc/natd.conf . If all goes well it should fork :) and not leave you hanging. if it does just ^C it on bootup but you shouldn't have to worry about that..

with all this information, i'm making a huge assumption that you have your ifconfig's all set up w/ the right netmask, and ip addresses and whatnot. the only other thing that i did was make the gateway on the local machines the same as the IP# of the natd machine..

one last quick reboot w/ your new kernel and all your new settings, and you should be good to go.. also don't forget to set the DNS ip's on the local machines to whatever your natd machine uses...

good luck and let me know if it worked :) if it did i'll show you some other settings i use to let me telnet into the local machines on special ports from the internet, etc....

Mike Reeh
michaelr@ss454.dyn.ml.org
breadfan

On Sat, 1 Aug 1998, David W. Curry wrote:

> Well, I'm on day 5 now of trying to configure natd as a proxy server for my LAN. I guess I just need step-by-step instruction because I have read every man file and web page on it I can find. Maybe I am just slow :)
>
> Anyway, I have a BSD Unix Box that I use to dial-up to my ISP (primenet). I dial directly into my unix shell account. My Win95 box is on a network (192.168.200.2) with my BSD Box. I can telnet and ping to the Unix box NP. I want to set up BSD as a proxy for my 95 Machine. Can anyone maybe ask me some specific questions about my systems and tell me how to set up my client and server?
>
> Any help would be appreciated.
>
> Thank you,
>
> Dave
>

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
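
Added example, not part of the message above and not from the FreeBSD project: a consistency check over copies of the four files the procedure edits, covering the points the message says must agree (the same public interface in the divert rule and natd.conf, the natd divert entry in services, the rc.conf knobs) plus rule order, since ipfw acts on the first matching rule. The function names check_natd_setup and make_sample are hypothetical, and the sample files are constructed from the lines quoted in the message.

```shell
#!/bin/sh
# check_natd_setup DIR: DIR holds copies of rc.conf, rc.firewall, services and
# natd.conf. Prints each inconsistency; returns the number found (0 = none).
check_natd_setup() {
    d=$1; problems=0
    fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }
    # rc.conf knobs the message sets
    for knob in firewall_enable gateway_enable; do
        grep -Eq "^${knob}=\"?YES\"?" "$d/rc.conf" || fail "$knob is not YES"
    done
    # "divert natd" uses a service name, so services must define it
    grep -Eq '^natd[[:space:]]+[0-9]+/divert' "$d/services" ||
        fail "no 'natd <port>/divert' line in services"
    # the divert rule and natd.conf must name the same (public) interface
    fw_if=$(awk '$2=="add" && $3=="divert" {
        for (i = 4; i < NF; i++) if ($i == "via") { print $(i + 1); exit } }' "$d/rc.firewall")
    natd_if=$(awk '$1 == "interface" { print $2; exit }' "$d/natd.conf")
    [ -n "$fw_if" ] || fail "no 'divert ... via <if>' rule in rc.firewall"
    [ -n "$natd_if" ] || fail "no 'interface' line in natd.conf"
    if [ -n "$fw_if" ] && [ -n "$natd_if" ] && [ "$fw_if" != "$natd_if" ]; then
        fail "divert rule uses $fw_if but natd.conf uses $natd_if"
    fi
    # ipfw acts on the first match: a blanket pass before divert bypasses natd
    div=$(grep -n 'add divert' "$d/rc.firewall" | head -n 1 | cut -d: -f1)
    pass=$(grep -n 'add pass all from any to any' "$d/rc.firewall" | head -n 1 | cut -d: -f1)
    if [ -n "$div" ] && [ -n "$pass" ] && [ "$pass" -lt "$div" ]; then
        fail "'pass all' (line $pass) comes before divert (line $div)"
    fi
    return "$problems"
}

# make_sample DIR IF: constructed sample files using the lines from the message;
# IF is the interface written to natd.conf.
make_sample() {
    mkdir -p "$1"
    printf '%s\n' 'firewall_enable="YES"' 'firewall_type="/etc/rc.firewall"' \
        'gateway_enable="YES"' > "$1/rc.conf"
    printf '%s\n' '/sbin/ipfw -f flush' \
        '/sbin/ipfw add divert natd all from any to any via ppp0' \
        '/sbin/ipfw add pass all from any to any' > "$1/rc.firewall"
    printf '%s\n' 'natd 8668/divert #NATD' > "$1/services"
    printf '%s\n' use_sockets same_ports "interface $2" > "$1/natd.conf"
}

tmp=$(mktemp -d)
make_sample "$tmp/ok" ppp0 && check_natd_setup "$tmp/ok" && echo "consistent"
make_sample "$tmp/bad" ed0
check_natd_setup "$tmp/bad" || echo "$? problem(s) found"
rm -rf "$tmp"
```

Run it against copies of the real files by placing them in one directory and calling check_natd_setup on that directory.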