2008/3/7, Preston Hagar [EMAIL PROTECTED]:
It looks like you already have your problem solved. One utility you
might want to look at is pftop. With it, you can see pretty much in
real time what is going through pf and what is being blocked. This
has helped me a lot to find out which rule
Hi guyz, let me explain what I have. I work in a school, we have access to
the internet, two internal networks (academic and administrative) and we
have to connect to some servers in another school because we share databases
and to video-conference. I have a FreeBSD box with PF and squid, i want
2008/3/6, Erik Norgaard [EMAIL PROTECTED]:
You can add log statements to your nat rules to see which is applied.
pass quick proto icmp from any to any keep state
pass quick from $adm_net to $cefet_servers keep state
pass quick from $cefet_servers to $adm_net keep state
It appears that
Hi guys, does the release for the powerpc arch. runs fine in a PowerMac G5
box? Anyone have already tried this?
Cheers,
Alaor
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send
Hi guyz, I'd like to thank all of you. I somehow find the error, there're
three errors actually, first, the machine in 192.168.1 network was not using
my bsd box as gateway (duh! Thankz Ian), second, I had a error in rc.conf,
it had a letter where it was not supposed to have, and third, the pf was
Hi guyz, like I've said in other topic, I'm building a BSD box that'll act
as a gateway between three private networks and the internet. I want that
each private network can ping to each other, and I can do that till I
activate my pf firewall. When I do pfctl -e it stop working.
The output of
2007/12/12, Ian Smith [EMAIL PROTECTED]:
Should be 'defaultrouter', but then it's a route to an apparent local
router, whereas your em0 appears to be your public internet connection?
Yes, it's default router, like I said I was not in my work then I wrote by
myself this lines, like I didn't
Hi guyz, it's me again. I think I don't know what I'm doing, so I ask for
help. I have three private networks(192.168.1, 10.10.0, 192.168.2) and a
link to the external world 200.212.X, what I want to do is that my FreeBSD
connect all the networks to the external world and the 192.168.1 to the
Guyz, that's my doubt, if I have two separated networks, and a freebsd
connected in the two of them, I'm supposed to be able to ping to a machine
in 10.10.0 network from a machine in 192.168.1 network, for example, byonly
setting gateway_enable=YES?
I know private networks are for private use, but
2007/12/11, Chris Haulmark [EMAIL PROTECTED]:
It sounds like you are wanting a router to function between two
different
subnets.
Take a reading under 29.2.5 at this link:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routin
g.html
Chris
Yes Chris, but I already have
Guyz,
here's my netstat-r output:
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.80 UGS 0 4 xl0
10.10/16 link#4 UC 0 0 xl2
localhost localhost UH 0 0 lo0
192.168.1 link#2 UC 0 0 xl0
zion.administrativ 00:00:54:19:e7:9a UHLW 1 16 xl0 1151
192.168.1.80
2007/12/11, Jonathan Horne [EMAIL PROTECTED]:
out of curiosity, are you pinging from the 4-interfaced-connected BSD
box, or some other workstation that is trying to use the BSD box as its
gateway?
From a workstation that is trying to use BSD box as its gateway and have the
ip of the BSD box
2007/12/11, Erik Norgaard [EMAIL PROTECTED]:
Summing up, your local networks should be able to communicate accross
the BSD box once you have gateway_enable=YES, you do not need NAT for
that to work. If it doesn't work, then your firewall may be blocking.
For access to the Internet from any
2007/11/24, Ian Smith [EMAIL PROTECTED]:
ipfw works fine too for these sorts of network policy separation :)
So ipfilter is not recommended by you guyz?
If that wasn't a typo, this is a non-contiguous netmask. I suspect you
want 255.255.255.224, assuming the default router is in the same
2007/11/24, Ian Smith [EMAIL PROTECTED]:
No I didn't mean that; use your own favourite packet filter, any of them
can handle what you've described. Bill suggested pf - lots of people
seem to like it a lot - and I use ipfw because I (mostly) know how to.
I always had linux servers, so I'm
First off, what's the output of sysctl net.inet.ip.forwarding? If
it is 0, then reboot and see if it starts working.
The return was: net.inet.ip.forwarding 1
Routed is running, named is running, the server itself can ping to any
network, I don't know what else to test.
2007/11/23, Bill Moran [EMAIL PROTECTED]:
I'm going to the server room to test the command. And yes, the DNS is
working properly. I just came from the room and I did the command dig @
192.168.1.1 google.ca and it said no server reached, then I did dig @
127.0.0.1 google.ca and it worked!
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed daemon would care
of it
for me but it seems like it don't. Please
if they had access to
internet too.
How I would set up my rc.conf with my static routes?
Thankz for the attention you're having with me guyz, hugs!
2007/11/21, Steve Bertrand [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto wrote:
Sorry,
searchdomain ...
nameserver 192.168.1.2
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
OK guyz, I did some tests and I found the error, like you said, it's
a
config
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
2007/11/23, Bill Moran [EMAIL PROTECTED]:
Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote:
Yes, I have IPFIlTER installed, but if I would want to everybody
ping
By ping, mean ping. I don't know what have access means, but I know
what
ping means.
Well I say have access because the icpm would be blocked, but I would still
have communicationwith the network even if I didn't ping. But yeah, for
meright now ping and have access is the same once the
Hi, I have some troubles building my internet gateway to my network. I
already have a gateway machine running under linux, with two interfaces eth0
(192.168.1.1) and eth1 (external world), but I installed a new server
running FreeBSD6.2 with ipfilter and squid, in the test time with had the ip
Barroso de Carvalho Neto wrote:
If I turn off linux and set the rl0 to 192.168.1.1 it
stop resolving names but can ping to anywhere. Help!!!
in the rc.conf
gateway_enable=YES
defaultrouter=X.X.X.X
I don't know if I quite understand on which machine things are breaking,
but if it is a FreeBSD
Sorry,
searchdomain ...
nameserver 192.168.1.2
not 192.168.1.1 as I've said before.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL
, no? Is there any chance of the traffic of the network be the
responsible for that???
Thankz the help
2007/11/21, Bill Moran [EMAIL PROTECTED]:
In response to Alaor Barroso de Carvalho Neto [EMAIL PROTECTED]:
Sorry my english skills, I'm brazilian and I'm not very familiar
Hi, I have some troubles building my internet gateway to my network. I
already have a gateway machine running under linux, with two interfaces eth0
(192.168.1.1) and eth1 (external world), but I installed a new server
running FreeBSD6.2 with ipfilter and squid, in the test time with had the ip
27 matches
Mail list logo
