On Thu, Dec 20, 2001 at 07:39:47AM -0800, Adam Nealis wrote:
>
> I have a simple firewall setup using FreeBSD 4.4-RELEASE
> + the speedtouch port (based on 20011007 release). I
> want to add some NAT to this. My first attempts to do
> this resulted in no packets going in or out. I think I
> have a solution but am in need of a sanity check.

Presumably you have got the adsl working first without any NAT or
filtering? For filtering I rely mostly on the fact that NAT only
allows packets through for established connections with this
ppp.conf fragment:

nat:
 nat enable yes
 nat deny_incoming yes
 nat use_sockets yes
 enable iface-alias

and I use ppp.linkup to turn on packet forwarding:

nat:
 shell sysctl -w net.inet.ip.forwarding=1

and similarly apart from =0 in ppp.linkdown to turn it off.

After that you can try configuring the firewall, but I personally
think that the above is sufficient. There's no point in using natd
with ppp because they have exactly the same functionality -- they
both use libalias to do NAT.

Tony.
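
An added example, not part of the message above or of the ppp project: a Python check that flags ppp.conf labels where NAT is enabled without deny_incoming, the setting the reply relies on for filtering. The sample config, its "open" label and the function names are constructed for illustration; it assumes labels start in column 0, command lines are indented, and settings under "default:" apply to every label.

```python
# Constructed sample: the "nat" label matches the fragment in the reply,
# the "open" label is a hypothetical profile that forgot deny_incoming.
SAMPLE = """\
default:
 set log Phase Chat
nat:
 nat enable yes
 nat deny_incoming yes
 nat use_sockets yes
 enable iface-alias
# hypothetical second profile
open:
 nat enable yes
"""


def parse_labels(text):
    """Return {label: {nat_option: value}} for each label in ppp.conf text."""
    labels, current = {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank line or comment
        if not raw[0].isspace() and stripped.endswith(":"):
            # A label starts in column 0 and ends with a colon.
            current = labels.setdefault(stripped[:-1], {})
        elif current is not None:
            words = stripped.split()
            # Only "nat <option> <value>" lines matter for this check.
            if len(words) == 3 and words[0] == "nat":
                current[words[1]] = words[2].lower()
    return labels


def audit(text):
    """List labels that enable NAT but do not set deny_incoming to yes."""
    labels = parse_labels(text)
    base = labels.get("default", {})
    findings = []
    for name, opts in labels.items():
        merged = {**base, **opts}  # label settings override default:
        if merged.get("enable") == "yes" and merged.get("deny_incoming") != "yes":
            findings.append(name)
    return findings


if __name__ == "__main__":
    for label in audit(SAMPLE):
        print(f"{label}: NAT enabled without 'nat deny_incoming yes'")
```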
