I am having almost the same exact problem. I've followed the guides on freebsddiary, in the handbook, and instructions here in the list, but I still can't ping out to the internet from my XP box. I can, however, ping the external NIC's IP address. Maybe someone can post a simplified rc.firewall just for gateways?





From: Constantine <[EMAIL PROTECTED]>
To: Marc Perisa <[EMAIL PROTECTED]>
CC: Derrick Ryalls <[EMAIL PROTECTED]>,[EMAIL PROTECTED]
Subject: Re: FreeBSD gateway
Date: Wed, 20 Nov 2002 18:18:01 -0500

Marc Perisa wrote:
Derrick Ryalls wrote:

Hello!
I have installed FreeBSD 4.7 recently, and it seems it does not want to work as a gateway. I have two network cards in my FreeBSD computer, fxp0 for LAN and sis0 for the cable modem. I am new to FreeBSD, so I am confused what the difference between gateways and routers is (I was thinking they link to the same thing). I can ping my FreeBSD box from winxp, I can ping internet from remote session to FreeBSD, but I cannot ping internet from my winxp.
My winxp has ip 192.168.0.1, netmask 255.255.255.0, and gateway 192.168.0.18 settings. Now FreeBSD /etc/rc.conf follows:

gateway_enable="YES"
kern_securelevel_enable="NO"
nfs_reserved_port_only="YES"
ifconfig_sis0="DHCP"
ifconfig_fxp0="inet 192.168.0.18 netmask 255.255.255.0"
#router_enable="YES"
# from handbook
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="sis0"
natd_flags=""
#/ handbook


Are your IPs reversed? I think the gateway should have the .1 address
and the XP box should use the .18

Nope. He set his FreeBSD box to the IP 192.168.0.18 and his Windows XP box to 192.168.0.1. All is OK with that. It is only uncommon to do. Normally you would give the default gateway for a network x.y.z.1 or x.y.z.254. But it is not forbidden to set it to any IP in that subnet.

Are you using the default kernel? If so, you will need to add a couple of
lines and recompile.

options         IPFIREWALL              #firewall
options         IPDIVERT                #divert sockets

as for the difference between a router and a gateway, a gateway is a
machine to deal with going from one network (lan) to another network
(wan), I think.

From your point of view (as needed for this problem) routers and gateways are the same. In this case the FreeBSD box is acting as a router for your internal net to the Internet. A simple router would do the same. But for more complex routing you have to either set up gated (or similar software) or add all rules (if they are static) by hand.
A gateway is the simplest form of a router.

The last two lines from dmesg:
IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled
ip_fw_ctl: invalid command

That hints at a problem with the /etc/rc.firewall script (which is called when you add firewall_enable="YES" to /etc/rc.conf).

Please provide us with the output of "ipfw list". (You have to do that as root of course). I think your firewall ruleset is not tuned for a gateway situation.

Hope that helps

Marc


# ipfw show
00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 8102 5158330 allow ip from any to any
65535 1 60 deny ip from any to any

I want FreeBSD to act as a simple gateway for my LAN, but for some reason it does not want to work that way, though I have confirmed to the installation programme that I want FreeBSD to function as a gateway. What are the simplest steps I need to follow to make FreeBSD act as a gateway? (I have a fresh 4.7R installation)

Thanks.

Constantine


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
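
An offline check for the two diagnostics quoted in this thread, added here as an example and not written by any of the posters: it reads the ipfw boot banner and the rule list and reports whether natd can receive traffic. `check_nat_gateway` is a hypothetical helper name; the inputs at the bottom are copied from the messages above.

```shell
#!/bin/sh
# Added example (not from the thread). check_nat_gateway is a hypothetical helper.
# Usage: check_nat_gateway "$(dmesg)" "$(ipfw list)"   # "ipfw show" output also works
# Prints one finding per line; returns 0 only if natd can receive packets.
check_nat_gateway() {
    dmesg_text=$1 ipfw_text=$2 rc=0

    # The ipfw boot banner says whether the kernel has divert support.
    case $dmesg_text in
        *"divert enabled"*)  echo "kernel: divert enabled" ;;
        *"divert disabled"*) echo "kernel: divert disabled, add 'options IPDIVERT' and rebuild"; rc=1 ;;
        *)                   echo "kernel: no ipfw banner, is IPFIREWALL present?"; rc=1 ;;
    esac

    # Find the first divert rule and the first unconditional
    # "ip from any to any" rule; counters from "ipfw show" are skipped.
    set -- $(printf '%s\n' "$ipfw_text" | awk '
        $1 ~ /^[0-9]+$/ {
            a = 2
            while (a < NF && $a ~ /^[0-9]+$/) a++
            rest = ""
            for (i = a + 1; i <= NF; i++) rest = rest " " $i
            if ($a == "divert") { if (d == "") d = $1 }
            else if (c == "" && rest ~ /^ (ip|all) from any to any$/) c = $1
        }
        END { print (d == "" ? "none" : d), (c == "" ? "none" : c) }')
    divert_no=$1 catchall_no=$2

    if [ "$divert_no" = none ]; then
        echo "ipfw: no divert rule, LAN packets never reach natd"; rc=1
    elif [ "$catchall_no" != none ] && [ "$divert_no" -gt "$catchall_no" ]; then
        echo "ipfw: divert rule $divert_no sits after catch-all rule $catchall_no"; rc=1
    else
        echo "ipfw: divert rule $divert_no precedes the catch-all"
    fi
    return $rc
}

# Inputs copied from the messages above.
THREAD_DMESG='IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled'
THREAD_IPFW='00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 8102 5158330 allow ip from any to any
65535 1 60 deny ip from any to any'

check_nat_gateway "$THREAD_DMESG" "$THREAD_IPFW" || echo "result: not ready for NAT"
```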
