Greetings and thank you all for your replies.
Thanks to all your suggestions I finally got it going with a caching
DNS server.
I understand this particular approach and am grateful to have it
working.
Being somewhat of a geek I am not content with merely getting it
working, though! :^)
Now I need to understand why a DNS caching server was necessary.
If anyone can shed some practical/theoretical knowledge as to why
pinging www.google.com with this setup couldn't reach the internal
network:
Set /etc/sysctl.conf: net.inet.ip.forwarding=1
Set /etc/rc.conf: pf=YES
Set /etc/pf.conf:
# Translation
nat on $ext_if from !($ext_if) to any -> ($ext_if:0)
# Unfiltered
pass in log all keep state
pass out log all keep state
I'd be much obliged!
Oh! And all the internal clients point their gateway and
dns to the internal interface side of the firewall.
Thanks and take care,
Allen