Greetings, I am facing a problem in setting up my gateway so I am asking for help. Let me describe me my setup.
My ISP gateway is *.*.144.49. I am assigned a few static IPS. *.*.144.54 *.*.147.229 *.*.147.230 I would like to set up a FreeBSD packet filtering gateway. I have currently laid out my network as: ------------ -------------- ------------- | | | | | | | ISP |*.*.144.49 | FreeBSD Box |*.*.147.229 | Linux | | GATEWAY |-----------------------| |-----------------------| NAT | | | *.*.144.54| | *.*.147.230| | ------------- --------------- ------------- | 172.16.0.1 | | | |172.16.0.200 -------------- | | | LAN | | Host | | | | | --------------- My rc.conf looks like: ifconfig_fxp0="inet 61.95.147.118 netmask 255.255.255.252" ifconfig_sis0="inet 61.95.147.229 netmask 255.255.255.252" ifconfig_sis0_alias0="inet 172.16.0.2 netmask 255.255.0.0" gateway_enable="YES" routed_enable="YES" firewall_enable="YES" firewall_type="OPEN" arpproxy_all="YES" # replaces obsolete kernel option ARP_PROXYALL. firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall ip_portrange_first="10000" # Set first dynamically allocated port ip_portrange_last="20000" # Set last dynamically allocated port tcp_drop_synfin="YES" # Set to YES to drop TCP packets with SYN+FIN icmp_drop_redirect="YES" # Set to YES to ignore ICMP REDIRECT packets I have still not configured the firewall. I would be highly obliged if anyone helps me by telling what are the things I am missing out? Another point to be taken care of is, a couple of systems inside the LAN are having a public IP. For example one of the host is having an IP of *.*.144.82. I am not allowed to mess with the Linux NAT box in any way because of some preinstalled commercial software solutions. However I can change the IPs of the NAT box if necessary. Please help me out. Thanks and Best Regards Subhro
smime.p7s
Description: S/MIME cryptographic signature