Re: internet gateway
On Mon, 05 Jul 2004 10:40:58 + Brett Wiggins [EMAIL PROTECTED] spake thus: Hi, I am having some problems setting up an internet gateway for my home network. My gateway machine has two network cards, one connected to my ADSL modem and the other to a switch and my internal network. My gateway machine (FreeBSD) can connect to the internet and it can ping machines on my local network. Machines on my local network run windows. ISP | | ADSL MODEM | | FREEBSD |- MACHINE A MACHINE | | | |---SWITCH--|- MACHINE B | | |- MACHINE C So Far I have recompiled my kernel with the following options added; options IPFIREWALL options IPDIVERT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=50 options TCP_DROP_SYNFIN I then edited /etc/rc.conf gateway_enable=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=OPEN firewall_quiet=NO ppp_enable=YES ppp_mode=ddial ppp_nat=YES ppp_profile=netspace ifconfig_rl0=inet 10.0.0.1 Then I edited ppp.conf with the following; nat enable yes nat log yes nat same_ports yes nat unregistered_only yes enable dns That is where I got up to now i'm stuck and don't know what to do next. Any help with this would be great. Brett G'day, http://www.schlacter.net/public/FreeBSD-STABLE_and_IPFILTER.html http://www.neon1.net/misc/firewall.html I'm afraid I don't know a great deal about using IPFW but it seems to me that ppp.conf is probably not the place to put your NATD rules. man natd gives some good advice on setting this up. I included some links that show how to use IPF and IPNAT to accomplish the task your working on. I personally found them easy enough to read and follow however I am confident that if you google a bit more you will find equally good documentation that focuses on IPFW. HTH LukeK -- Luke Kearney [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: internet gateway
Your using the ppp nat function which is ok, but you have also complied the ipfw divert option into your kernel. The ipfw divert option does the same thing as ppp nat. Recompile your kernel and remove the divert option. Also the /etc/rc.firewall rules are way to complicated for your needs. Create file /etc/ipfw.rules containing just these rules. ipfw -f flush ipfw add allow all from any to any rc.conf only needs these statements to enable ipfw firewall_enable=YES # Start IPFW daemon firewall_script=/etc/ipfw.rules # use my custom rules. filewall_logging=YES # Enable packet logging You may also want to read the new rewrite of the Freebsd handbooks firewall section which is currently available at www.a1poweruser.com/FBSD_firewall/ The Freebsd doc group has downloaded this manuscript and working on it to replace what is currently in the handbook. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Brett Wiggins Sent: Monday, July 05, 2004 6:41 AM To: [EMAIL PROTECTED] Subject: internet gateway Hi, I am having some problems setting up an internet gateway for my home network. My gateway machine has two network cards, one connected to my ADSL modem and the other to a switch and my internal network. My gateway machine (FreeBSD) can connect to the internet and it can ping machines on my local network. Machines on my local network run windows. ISP | | ADSL MODEM | | FREEBSD |- MACHINE A MACHINE | | | |---SWITCH--|- MACHINE B | | |- MACHINE C So Far I have recompiled my kernel with the following options added; options IPFIREWALL options IPDIVERT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=50 options TCP_DROP_SYNFIN I then edited /etc/rc.conf gateway_enable=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=OPEN firewall_quiet=NO ppp_enable=YES ppp_mode=ddial ppp_nat=YES ppp_profile=netspace ifconfig_rl0=inet 10.0.0.1 Then I edited ppp.conf with the following; nat enable yes nat log yes nat same_ports yes nat unregistered_only yes enable dns That is where I got up to now i'm stuck and don't know what to do next. Any help with this would be great. Brett ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: internet gateway
On Mon, Jul 05, 2004 at 10:40:58AM +, Brett Wiggins wrote: Hi, I am having some problems setting up an internet gateway for my home network. My gateway machine has two network cards, one connected to my ADSL modem and the other to a switch and my internal network. My gateway machine (FreeBSD) can connect to the internet and it can ping machines on my local network. Machines on my local network run windows. ISP | | ADSL MODEM | | FREEBSD |- MACHINE A MACHINE | | | |---SWITCH--|- MACHINE B | | |- MACHINE C Did you remember to set the default gateway on Machines [A-C] to 10.0.0.1? CHeers. -- Jonathan Chen [EMAIL PROTECTED] -- Nyuck, nyuck, nyuck - Curly ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Internet gateway
On Sun, Apr 04, 2004 at 05:57:06PM -0400, Jose Arnel Rimando wrote: Hello, I just installed a freebsd stable on an old pentium. I want to ask if you guys have additional reading materials in deploying FreeBSD as an internet gateway. I am currently working on a project for a non-profit organization. Thank you very much for your time. This might help you out: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html -Andy Miller ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Internet gateway
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Arnel Rimando Sent: Sunday, April 04, 2004 4:57 PM To: [EMAIL PROTECTED] Subject: Internet gateway Hello, I just installed a freebsd stable on an old pentium. I want to ask if you guys have additional reading materials in deploying FreeBSD as an internet gateway. I am currently working on a project for a non-profit organization. Thank you very much for your time. Jose Arnel Rimando Toronto, Canada [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] http://www.freebsddiary.org/ipfw.php http://bsdguides.org/guides/freebsd/networking/ipfilter.php Andras Kende http://www.kende.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
