Re: Problem(s) resolving names with natd/ipfw.
1. I would try enabling named on the FreeBSD gateway and set it as a forwarder to the DNS of my ISP. Then set all the clients' primary DNS to that of the internal IP of your gateway.

2. I would also not use OPEN firewall type. I would not be comfortable with it.

3. I would also take out the lines firewall_type and firewall_script from rc.conf and instead create a shell script in a startup_dir (e.g. /usr/local/etc/rc.d) and put all my ipfw rules in there and chmod it to be executable. I think the original /etc/rc.firewall awaits variables set in rc.conf, e.g. firewall_type, etc.

- Original Message -
From: Jose Albores [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, September 14, 2003 12:57 PM
Subject: Problem(s) resolving names with natd/ipfw.

The problem summary is as follows:

I'm setting up a very simple LAN at home using only two machines with fixed private IP addresses either. The FreeBSD gateway is connected to the internet through my cablemodem ISP's modem. The problem is that the Windows XP client CANNOT access the Internet with alphabetic names (should be called a DNS problem?) but it YES CAN do it with IP addresses (numbers).

AFAIK (being a newbie in networking issues) it seems that no problems arise from the gateway side after setting up natd/ipfw. From the client, I can ping to numeric addresses locally and outside. And (again using IP numbers) I can telnet to my pop server's 110 port. But not with names.

The (gateway) server has NO problems with alphabetic addresses. Neither pinging the local network nor with the internet.

Maybe I forgot some flag for natd in my /etc/rc.conf? Is/are there other option/s in my kernel-configuration file needed?

Any hint will be appreciated. Please feel free to ask for any necessary info.

These are the details. It's my first job with networks, and the scenario is as follows:

The server:
· Pentium 233 MMX.
· OS: FreeBSD 4.8-RELEASE. Alternating with Win 98 for testing.
· dc0: interface to my cablemodem ISP.
· vr0: interface to my local network connected to a hub.

The client:
· AMD Athlon XP 2.0 GHz.
· OS: Windows XP.

Adding DNS servers to the network config in the client didn't solve the problem. BTW it's not necessary to add DNS entries when the server boots with Win 98 + Microsoft's ICS.

On the server side, I built a new kernel with (all?) the necessary options:
· The GENERIC kernel, adding:

options IPDIVERT
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=200
options IPFIREWALL_DEFAULT_TO_ACCEPT

The /etc/hosts file has three entries:

127.0.0.1 localhost localhost.homenet.org
192.168.0.1 david david.homenet.org
192.198.0.2 goliath goliath.homenet.org

My /etc/resolv.conf has been automagically generated when I first configured the interfaces. Maybe? it updates on every boot.

And my networking-related lines in /etc/resolv.conf are as follows:

--- Begin of /etc/rc.conf ---
hostname="david.homenet.org"
# [...] chunking a few not-networking lines...
ifconfig_dc0="DHCP"
ifconfig_vr0="inet 192.168.0.1 netmask 255.255.255.0"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
firewall_script="/etc/my.rc.firewall"
#firewall_script="/etc/rc.firewall" ### did not work either!!!
natd_enable="YES"
natd_interface="dc0"
natd_flags=""
--- End of /etc/rc.conf ---

The COMPLETE /etc/my.rc.firewall is extremely simple:

--- Begin ---
#!/bin/sh
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via dc0
/sbin/ipfw add pass all from any to any
--- End ---

Testing blindly the /etc/rc.firewall also did not work. Learning ipfw secrets will be left for the immediate future ;o))).

TIA.

--
José Albores - [EMAIL PROTECTED]

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem(s) resolving names with natd/ipfw.
Just enabling named solved the problem. I only added two or three named_... entries from /etc/default/rc.conf to /etc/rc.conf, changing NO for YES and nothing else. Even without modifying the default config files (named.conf and any other, eventually) the FreeBSD gateway began to forward name-requests without problems.

But I'm almost sure that none of the documents I read said it was necessary to enable named in the gateway in order to resolve names. Maybe this should be added or I should recheck.

Thank you very much. Your help was in fact extremely useful to me.

I also prefer sometimes to perform a few tasks with my personal scripts and avoid the default programs doing them. As I review what I wrote it seems that I know what exactly the program does!

Thanks again.

--
José Albores - [EMAIL PROTECTED]

--- [EMAIL PROTECTED] wrote:

1. I would try enabling named on the FreeBSD gateway and set it as a forwarder to the DNS of my ISP. Then set all the clients' primary DNS to that of the internal IP of your gateway.

[...]

- Original Message -

[...]

The problem summary is as follows:

I'm setting up a very simple LAN at home using only two machines with fixed private IP addresses either. The FreeBSD gateway is connected to the internet through my cablemodem ISP's modem. The problem is that the Windows XP client CANNOT access the Internet with alphabetic names (should be called a DNS problem?) but it YES CAN do it with IP addresses (numbers).

[...]
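An added example, not part of the thread and not FreeBSD's own rc.firewall: with named now running on the gateway, one way to follow points 2 and 3 of the reply is a small rule script that keeps the poster's NAT rule but refuses DNS queries and new TCP connections arriving on dc0. The rule numbers, the DRY_RUN switch and the fw/load_rules helper names are assumptions; it also assumes named sends its own queries from an unprivileged source port, so replies from the ISP's servers are not addressed to port 53.

```sh
#!/bin/sh
# Added example (not from the thread). Interface names and the LAN prefix are
# the poster's; rule numbers and DRY_RUN are assumptions made for this sketch.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs /sbin/ipfw.

OIF="dc0"              # outside interface (cable modem, DHCP)
LAN="192.168.0.0/24"   # inside network behind vr0

fw() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        echo "ipfw $*"
    else
        /sbin/ipfw -q "$@"
    fi
}

load_rules() {
    fw -f flush
    fw add 100 pass all from any to any via lo0
    # A packet claiming a LAN source address must not arrive from outside.
    fw add 200 deny log all from "$LAN" to any in via "$OIF"
    # named is there for the LAN clients only: drop queries from the Internet
    # before they reach natd or the resolver.
    fw add 300 deny log udp from any to any 53 in via "$OIF"
    fw add 310 deny log tcp from any to any 53 in via "$OIF" setup
    # The poster's NAT rule, unchanged.
    fw add 500 divert natd all from any to any via "$OIF"
    # Replies on connections opened from inside, and fragments.
    fw add 600 pass tcp from any to any established
    fw add 610 pass all from any to any frag
    # No new TCP connections from the outside.
    fw add 700 deny log tcp from any to any in via "$OIF" setup
    # Everything else stays open, as in the thread's ruleset.
    fw add 65000 pass all from any to any
}

load_rules
```

The `log` keyword relies on the IPFIREWALL_VERBOSE kernel option the poster already compiled in; the last rule is the place to tighten further once the traffic that is actually needed is known.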
Problem(s) resolving names with natd/ipfw.
The problem summary is as follows:

I'm setting up a very simple LAN at home using only two machines with fixed private IP addresses either. The FreeBSD gateway is connected to the internet through my cablemodem ISP's modem. The problem is that the Windows XP client CANNOT access the Internet with alphabetic names (should be called a DNS problem?) but it YES CAN do it with IP addresses (numbers).

AFAIK (being a newbie in networking issues) it seems that no problems arise from the gateway side after setting up natd/ipfw. From the client, I can ping to numeric addresses locally and outside. And (again using IP numbers) I can telnet to my pop server's 110 port. But not with names.

The (gateway) server has NO problems with alphabetic addresses. Neither pinging the local network nor with the internet.

Maybe I forgot some flag for natd in my /etc/rc.conf? Is/are there other option/s in my kernel-configuration file needed?

Any hint will be appreciated. Please feel free to ask for any necessary info.

These are the details. It's my first job with networks, and the scenario is as follows:

The server:
· Pentium 233 MMX.
· OS: FreeBSD 4.8-RELEASE. Alternating with Win 98 for testing.
· dc0: interface to my cablemodem ISP.
· vr0: interface to my local network connected to a hub.

The client:
· AMD Athlon XP 2.0 GHz.
· OS: Windows XP.

Adding DNS servers to the network config in the client didn't solve the problem. BTW it's not necessary to add DNS entries when the server boots with Win 98 + Microsoft's ICS.

On the server side, I built a new kernel with (all?) the necessary options:
· The GENERIC kernel, adding:

options IPDIVERT
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=200
options IPFIREWALL_DEFAULT_TO_ACCEPT

The /etc/hosts file has three entries:

127.0.0.1 localhost localhost.homenet.org
192.168.0.1 david david.homenet.org
192.198.0.2 goliath goliath.homenet.org

My /etc/resolv.conf has been automagically generated when I first configured the interfaces. Maybe? it updates on every boot.

And my networking-related lines in /etc/resolv.conf are as follows:

--- Begin of /etc/rc.conf ---
hostname="david.homenet.org"
# [...] chunking a few not-networking lines...
ifconfig_dc0="DHCP"
ifconfig_vr0="inet 192.168.0.1 netmask 255.255.255.0"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
firewall_script="/etc/my.rc.firewall"
#firewall_script="/etc/rc.firewall" ### did not work either!!!
natd_enable="YES"
natd_interface="dc0"
natd_flags=""
--- End of /etc/rc.conf ---

The COMPLETE /etc/my.rc.firewall is extremely simple:

--- Begin ---
#!/bin/sh
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via dc0
/sbin/ipfw add pass all from any to any
--- End ---

Testing blindly the /etc/rc.firewall also did not work. Learning ipfw secrets will be left for the immediate future ;o))).

TIA.

--
José Albores - [EMAIL PROTECTED]