On Thursday 10 June 2004 03:59, asolomon15 wrote:
> Hello all,
> I tried to set up natd on my fbsd 5.2.1 box and fbsd 4.10 box with no
> luck. What I wanted to do was to set up a gateway for my internal
> network to my cable provider. On my server box I have two ethernet cards:
> dc0 pointing to cable modem and dc1 pointing to hub so that the other
> computers may connect with my bsd gateway. I managed to recompile the
> kernel with options IPFIREWALL and IPDIVERT and kernel compiled
> successfully.
>
> Then I added natd, gateway and firewall to my rc.conf file
> gateway_enable="YES"
> natd_enable="YES'
> natd_interface="dc0"
> firewall_enable="YES"
> firewall_type="/etc/rc.firewall"

You can use the standard firewall script in /etc/rc.firewall as is, without
modification, if you change natd_enable="YES' to natd_enable="YES" and
firewall_type="/etc/rc.firewall" to firewall_type="OPEN".

> I wanted to ping external and internal hosts to see if this
> configuration worked so I really didn't want to have the firewall up
> so I added these 3 lines to my rc.firewall file
>
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via dc0
> /sbin/ipfw add pass from any to any
>
> I wasn't able to ping any host inside or outside of my computer. When I
> disabled the ipfw I was able to ping them. Also I wanted to make sure
> if I needed to configure a dns server on my firewall to allow such
> services like http and ftp for internal hosts. I know that there are
> more sophisticated ipfw setups but I wanted to just get the natd setup
> so I could concentrate on the firewall later on.
>
>
> Thanks if you can help
> Antoine W. Solomon
>
> _______________________________________________
> [EMAIL PROTECTED] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

-- 
Christian Hiris <[EMAIL PROTECTED]> | OpenPGP KeyID 0x941B6B0B
OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu
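
The two corrections in the reply above can be checked mechanically before a reboot. The following is an added example, not part of the original thread: the function names and the sample file are constructed here, and the type names it accepts (open, client, simple, closed) are the ones the stock rc.firewall script handles.

```shell
#!/bin/sh
# Added example, not from the original thread.

# Constructed sample: the rc.conf lines as posted, mismatched quote included.
sample_as_posted() {
cat <<'EOF'
gateway_enable="YES"
natd_enable="YES'
natd_interface="dc0"
firewall_enable="YES"
firewall_type="/etc/rc.firewall"
EOF
}

# Print one finding per line for the rc.conf-style file at absolute path $1;
# print nothing when neither mistake is present.
check_rc_conf() {
    conf=$1
    # rc.conf is read by /bin/sh, so an unbalanced quote is a syntax error.
    # -n parses the file without executing anything.
    if ! sh -n "$conf" 2>/dev/null; then
        echo "syntax: file does not parse as sh; look for a mismatched quote"
        return 0
    fi
    # Source in a subshell so the settings do not leak into the caller.
    # Only do this with a file you trust: sourcing executes it.
    (
        firewall_type=
        . "$conf"
        case $firewall_type in
            [Oo][Pp][Ee][Nn]|[Cc][Ll][Ii][Ee][Nn][Tt]) ;;
            [Ss][Ii][Mm][Pp][Ll][Ee]|[Cc][Ll][Oo][Ss][Ee][Dd]) ;;
            rc.firewall|*/rc.firewall)
                echo "firewall_type: points at the rc.firewall script itself" ;;
        esac
    )
}

# Demo: the posted settings trip the syntax check first.
demo=$(mktemp)
sample_as_posted > "$demo"
check_rc_conf "$demo"
rm -f "$demo"
```

Run it against a copy of /etc/rc.conf after each edit; once the quote is fixed, the second finding appears until firewall_type names a type such as OPEN.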