Christopher Blanchard wrote: > I am a system administrator at a small private school in the > California mountains. I recently acquired a DSL connection > and would like to share it with the faculty and staff using > NATs. I put up a 4.7 stable dual-homed box (AJAX), rebuilt > the kernel with IPFIREWALL, IPFIREWALL_DEFAULT_TO_ACCEPT and > IPDIVERT. The DSL gateway is 4.63.122.77/255.255.255.252 the > internet interface is 4.63.122.78/255.255.255.252 on the LAN > side the interface is 10.10.236.5/255.255.255.0 and another > router is at 10.10.236.254, 10.10.2 36.1 is a dns/dhcp server > (RS1)(novell netware) cedulocal.com. I have read everything I > can get my hands on but cannot get AJAX to pass traffic. From > AJAX I can ping/ftp out to the internet and internally to RS1. > I would be appreciative of suggestions and would particularly > like sample rc.files with appropriate examples. X-server on > this machine will not work as it is a compaq with an embedded > Intel 82815e graphics which I am unable to turn off so http is > out, but ftp works fine. thanks > > > Internet AJAX > RS1 Router > 4.63.122.77 4.63.122.78 10.10.236.5 > 10.10.236.1 10.10.236.254 > 255.255.255.252 255.255.255.0 255.255.255.0 > 255.255.255.0 DNS 4.2.2.1 > DNS/DHCP Srvr cedulocal.com > > > > To Unsubscribe: send mail to [EMAIL PROTECTED] with > "unsubscribe freebsd-questions" in the body of the message
Your /etc/rc.conf should contain the following:
firewall_enable="YES" firewall_type="OPEN" firewall_script="/etc/rc.firewall" natd_enable="YES" natd_flags="-a 4.62.122.78" gateway_enable="YES"
Basically, that should get you going.
You may want to tweak things like firewall rules etc but the above should atleast work well enough to get you started.
Unless you feel like playing with sysctl and ipfw manually you will have to reboot after adding the above lines.
-- R
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
