Brian Henning wrote:
My local network ( consists of three machine BSD1 ( and
BSD2 ( Both of these machines use  gateway/router (BSD3)
to access the internet. All of these machine are connected to a switch locally.
BSD3 connects to my isp and gets my single ip address that i want to share with
rest of my local network. Just a note, these machine get their ip addresses

on my router i recompiled the kernel with these options.
options IPFIREWALL_VERBOSE            #firewall logging capability - optional
options IPFIREWALL_VERBOSE_LIMIT=100  #limit verbosity
options IPDIVERT                      #NATD

i have not added anything to my rc.conf file as of yet.
Eventually i will set up natd and firewall settings in my rc.conf, but can
someone direct me on how to do this manually so i can access the internet
from anywhere on my network.

r11 is my external network
rl0 is my internal network

natd -interface rl1
ipfw -f flush
ipfw add divert natd all from any to any via rl1
ipfw add pass all from any to any

does this seem correct?

Thanks for any advice,


Add 'sysctl -w net.inet.ip.forwarding=1' to the above commands and you should be surfing in no time.


