2007/11/24, Ian Smith <[EMAIL PROTECTED]>: > > No I didn't mean that; use your own favourite packet filter, any of them > can handle what you've described. Bill suggested pf - lots of people > seem to like it a lot - and I use ipfw because I (mostly) know how to.
I always had linux servers, so I'm very familiar with iptables, I don't have a favorite BSD firewall yet, so that's why I'm asking. I choose ipfilter because I liked the tutorial in the FreeBSD handbook, but I don't know any features of the others, I even don't know ipfilter yet. Ok. Pasted output of 'ifconfig' and 'netstat -finet -nr' may help .. > it's easier to parse familiar machine output than textual descriptions. My BSD box don't have graphic interface and I must admit I'm suffering to use it, so that's why I'm transcripting the configs, but I'm gonna change that. Dunno. I'd just run tcpdump in a different terminal for each interface > and watch the traffic; what gets forwarded, or not, what gets translated > by NAT, or not. As you said, pings are a useful start, as can be adding > temporary firewall rules to log everything in and out per interface .. > > I know next to nothing about routed(8) and RIP, nor why you might prefer > it to static and cloned routing, but taking it out of the mix might help > with debugging until your basic routing and filtering works right? I think it's hard to be NAT even because I've disabled ipfilter and the problem still. I thought I would just set gateway_enable="YES" and things would start working, at least that was how I've seem in the docs, but like it didn't, I tried to set static routes. I don't know anything about routed too, I just know that it's supposed to build the routes on demand, or something like that. I'll copy the result of netstat on monday but the routes seems to be OK, they're there like they're supposed to be, at least I think they are right. Probably the problem is very stupid, but I feel like I've checked everything and I can't find the error, and like I'm not very familiar with BSD I'm losing my hope. Next week I'll try some things and if it don't work I think it's time to go back to linux. That's bad because I liked a lot the freebsd way of do the things. Thankz the attention guyz, hugs! Alaor _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"