Re: help setting up natd and ipfw on freebsd5.2.1

Thu, 10 Jun 2004 16:10:21 -0700

Thanks for all the help with setting up the natd and ipfw.. I will spend some time trying to learn how to setup the proper firewall for my network. I was woundering what would be the proper cource of action on setting up dns services for the entire network. Should I just setup dns on that gateway?

Antoine W. Solomon Jr.


ana wrote:

hi

i dont know if this will help.

but you can try using

firewall_type="OPEN"

oh an you might want to set your:

network_interfaces="dc0"
ifconfig_dc0="DHCP"

if you havent done that already.

enjoy.

--AMS



Hello all,
I tried to setup natd on my  fbsd 5.2.1 box and fbsd 4.10 box with no
luck.   What I wanted to do was to setup a gateway for my internal
network to my cable provider.  On my server box I have two ethernet card
dc0 pointing to cable modem and dc1 pointing to hub so that the other
computers may connect with my bsd gateway.  I managed recompile the
kernel with options IPFIREWALL and IPDIVERT and  kernel  compiled
successfully.

Then I add natd, gateway and firewall to my rc.conf file
gateway_enable="YES"
natd_enable="YES'
natd_interface="dc0"
firewall_enable="YES"
firewall_type="/etc/rc.firewall"

I wanted to ping an external and internal hosts to see if this
configuration worked so   I really didn't want to have the firewall up
so I added these 3 lines to my rc.firewall file

/sbin/ipfw  -f flush
/sbin/ipfw add divert  natd all from any to any via dc0
/sbin/ipfw add pass from any to any

I wasn't able to ping any host inside or outside of my computer. When I
disabled the ipfw I was able to ping them.   Also I wanted to make sure
if I needed to configure a dns server on my firewall to allow such
services like http and ftp for internal hosts.   I know that there are
more sophisticated ipfw setups but I wanted to just get the natd setup
so I could concentrate on the firewall later on.


Thanks if you can help
Antoine W. Solomon

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"








_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to