On Thursday 10 June 2004 03:59, asolomon15 wrote:
> Hello all,
> I tried to setup natd on my  fbsd 5.2.1 box and fbsd 4.10 box with no
> luck.   What I wanted to do was to setup a gateway for my internal
> network to my cable provider.  On my server box I have two ethernet card
> dc0 pointing to cable modem and dc1 pointing to hub so that the other
> computers may connect with my bsd gateway.  I managed recompile the
> kernel with options IPFIREWALL and IPDIVERT and  kernel  compiled
> successfully.
> Then I add natd, gateway and firewall to my rc.conf file
> gateway_enable="YES"
> natd_enable="YES'
> natd_interface="dc0"
> firewall_enable="YES"
> firewall_type="/etc/rc.firewall"

You can use the standard firewall script in /etc/rc.firewall as is without 
modification, if you change natd_enable="YES' to natd_enable="YES" and 
firewall_type="/etc/rc.firewall" to firewall_type="OPEN". 

> I wanted to ping an external and internal hosts to see if this
> configuration worked so   I really didn't want to have the firewall up
> so I added these 3 lines to my rc.firewall file
> /sbin/ipfw  -f flush
> /sbin/ipfw add divert  natd all from any to any via dc0
> /sbin/ipfw add pass from any to any
> I wasn't able to ping any host inside or outside of my computer. When I
> disabled the ipfw I was able to ping them.   Also I wanted to make sure
> if I needed to configure a dns server on my firewall to allow such
> services like http and ftp for internal hosts.   I know that there are
> more sophisticated ipfw setups but I wanted to just get the natd setup
> so I could concentrate on the firewall later on.
> Thanks if you can help
> Antoine W. Solomon
> _______________________________________________
> [EMAIL PROTECTED] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to

Christian Hiris <[EMAIL PROTECTED]> | OpenPGP KeyID 0x941B6B0B 
OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu

Attachment: pgpDXbIqb3L6n.pgp
Description: signature

Reply via email to