Re: Need Guidance in my Internet Connection Sharing configuration - SOLVED - Thank you
To All: Chuck Swiger <[EMAIL PROTECTED]> >> By the way, is my system clock wrong or yours? > Your clock seems to be off. In my Gnome Desktop my date and time are correct but anyways I will try to find out about this one... John <[EMAIL PROTECTED]> > If you are getting DHCP from your aDSL modem, it is very likely that > it is already doing NAT for you (and firewalling). Doing NAT upon > NAT is probably not productive. If you are getting an RFC1597 > private (non-routed) address, this is certainly the case. Otherwise, > try logging in to your aDSL (the provided documentation should > tell you how) and see if it doesn't have NAT settings. > If my suspicion is correct, then you simply need to connect a switch > or hub between your aDSL modem and your computers. Just be aware, > many aDSL modems come configured with a very small DHCP pool > (often just 2 or 4 addresses), so you may have to expand that > (again, by logging in to the administrative function of your > aDSL modem, hopefully through a web browser, though some require > an [often Windows-only] custom application). I tried this connection last year and found out that every time I try to connect to the Internet in either computer, the aDSL Modem just cuts-off and that was the time I thought that I should be using NAT but since I had to study on IPFW and NATD, I had to do some research and it took me some time to try what I am trying today or shall I say I tried since last week... Benjamin Sobotta <[EMAIL PROTECTED]> > To make sure I understand, you can reach the internet from your > router? So it is really a routing problem, right? > The interface connected to the modem is bge0? aue0 is connected to > your internal network?! Your internal machines can ping the router?? > If everything is so then try > natd_interface="bge0" > instead of what you have. Actually I'm not sure at all because I'm not > on my machine. Anyways, might be worth a shot. Ohh and don't forget to > reboot after you did the changes. If this doesn't work I would try > everything without all those firewall rules. Start out easy and when > it works you can still add rule after rule. Always try pinging IPs > because DNS might not work right away. I tried this one and it worked... Frank J. Laszlo <[EMAIL PROTECTED]> >> natd_interface="aue0" > this should be your external (ADSL) interface Yes, I tried this one and it worked... To all of you who responded, Thank you very very...much natd_interface="aue0" was what made my system enables my Internet Connection Sharing Once again, thank you to all of you and of course to the FreeBSD Documentation Team... Srot BULL P.S. Could not CC to all because I forgot how to send an Email with multiple CC addresses in...Hehehe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need Guidance in my Internet Connection Sharing configuration
On Tue, Jan 11, 2005 at 09:15:03AM +, Srot BULL wrote: >... If you are getting DHCP from your aDSL modem, it is very likely that it is already doing NAT for you (and firewalling). Doing NAT upon NAT is probably not productive. If you are getting an RFC1597 private (non-routed) address, this is certainly the case. Otherwise, try logging in to your aDSL (the provided documentation should tell you how) and see if it doesn't have NAT settings. If my suspicion is correct, then you simply need to connect a switch or hub between your aDSL modem and your computers. Just be aware, many aDSL modems come configured with a very small DHCP pool (often just 2 or 4 addresses), so you may have to expand that (again, by logging in to the administrative function of your aDSL modem, hopefully through a web browser, though some require an [often Windows-only] custom application). > Thank you for the immediate response > > On Mon, 2005-01-10 at 18:56 -0500, Chuck Swiger wrote: > > Srot BULL wrote: > > [ ... ] > > > By the way, since this is my first try in Internet Connection > > > Sharing...I am not that sure with my cable connections... > > > My internal LAN Card "bge0" is connected to my ADSL Modem while my other > > > externel USB LAN Card "aue0" is connected to my switching hub...and the > > > other PC that I have is also connected to the hub...Is this O.K.? > > > > Your aDSL provider may not be giving you direct IP connectivity, but > > instead > > require you to configure PPPoE access via a username/password. > My connection is simple, I just connect my ethernet cable to my aDSL > broadband modem and then dhcp-client gets the necessary information for > my system to connect to the internet...I think my username/password is > already in my aDSL modem... > Well, does this mean that I will not be able to share my internet > connection at home?...not a big problem though but it hurts!...I can > still just remove and insert the LAN cable to which PC I want to use and > get connected immediately...I only wanted to learn how to configure how > to share internet connection in LAN...and of course brag to my > girlfriend that my FreeBSD is simple and powerful than her MS > $...Hehehe... > Maybe I should be consulting my ISP for this one? Pay some bucks for > internet connection sharing? > By the way, is my system clock wrong or yours? > Once again thank you for the response and hope for other > assistance/information in the future... > > Srot BULL > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need Guidance in my Internet Connection Sharing configuration
Srot BULL wrote: Hello and Good Day to all, I have tried to configure my system for Internet Connection Sharing but I could not implement the configuration properly. I am afraid that this is all my mind can figure out. Please look through below and I would appreciate if you could point out the mistakes that I have done or point me to any links that would help me help solve this problem. uname -a FreeBSD r40e.point.ne.jp 5.3-STABLE FreeBSD 5.3-STABLE #1: Mon Jan 10 12:49:58 UTC 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/R40e i386 Kernel Configuration File: #===--- IPFIREWALL OPTIONS ---===# options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=5 options IPFIREWALL_DEFAULT_TO_ACCEPT #=- Enables NAT Functionality -=# options IPDIVERT /etc/rc.conf hostname="r40e.point.ne.jp" #** OutBound Interface **# ifconfig_bge0="DHCP" <...snip...> natd_interface="aue0" this should be your external (ADSL) interface -Frank ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need Guidance in my Internet Connection Sharing configuration
Hello To make sure I understand, you can reach the internet from your router? So it is really a routing problem, right? The interface connected to the modem is bge0? aue0 is connected to your internal network?! Your internal machines can ping the router?? If everything is so then try natd_interface="bge0" instead of what you have. Actually I'm not sure at all because I'm not on my machine. Anyways, might be worth a shot. Ohh and don't forget to reboot after you did the changes. If this doesn't work I would try everything without all those firewall rules. Start out easy and when it works you can still add rule after rule. Always try pinging IPs because DNS might not work right away. HTH, Ben On Tue, 2005-01-11 at 08:37 +, Srot BULL wrote: > Hello and Good Day to all, > > I have tried to configure my system for Internet Connection Sharing but > I could not implement the configuration properly. I am afraid that this > is all my mind can figure out. Please look through below and I would > appreciate if you could point out the mistakes that I have done or point > me to any links that would help me help solve this problem. > > > uname -a > FreeBSD r40e.point.ne.jp 5.3-STABLE FreeBSD 5.3-STABLE #1: Mon Jan 10 > 12:49:58 > UTC 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/R40e i386 > > Kernel Configuration File: > #===--- IPFIREWALL OPTIONS ---===# > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=5 > options IPFIREWALL_DEFAULT_TO_ACCEPT > #=- Enables NAT Functionality -=# > options IPDIVERT > > /etc/rc.conf > hostname="r40e.point.ne.jp" > #** OutBound Interface **# > ifconfig_bge0="DHCP" > #** Internal LAN Interface **# > ifconfig_aue0="inet 10.20.30.1 netmask 255.0.0.0" > gateway_enable="YES" > natd_enable="YES" > natd_interface="aue0" > natd_flags="-dynamic -m" > firewall_enable="YES" > firewall_script="/etc/ipfw.rulesets" > firewall_type="OPEN" > firewall_quiet="YES" > firewall_logging_enable="YES" > > This is my /etc/ipfw.rulesets: > -- > #!/bin/sh > > ipfw -q -f flush > CMD="ipfw -q add" > SKIP="skipto 00800" > KS="keep-state" > INIC="bge0" > > $CMD 5 allow all from any to any via aue0 > $CMD 00010 allow all from any to any via lo0 > $CMD 00014 divert natd ip from any to any in via $INIC > $CMD 00015 check-state > > $CMD 00020 $SKIP tcp from any to 192.168.0.1 53 out via $INIC setup $KS > $CMD 00021 $SKIP udp from any to 192.168.0.1 53 out via $INIC $KS > $CMD 00030 $SKIP udp from any to 192.168.0.1 67 out via $INIC $KS > $CMD 00040 $SKIP tcp from any to any 80 out via $INIC setup $KS > $CMD 00050 $SKIP tcp from any to any 443 out via $INIC setup $KS > $CMD 00060 $SKIP tcp from any to any 25 out via $INIC setup $KS > $CMD 00061 $SKIP tcp from any to any 110 out via $INIC setup $KS > $CMD 00070 $SKIP tcp from me to any out via $INIC setup $KS uid root > $CMD 00080 $SKIP icmp from any to any out via $INIC $KS > $CMD 00090 $SKIP tcp from any to any 37 out via $INIC setup $KS > $CMD 00100 $SKIP tcp from any to any 119 out via $INIC setup $KS > $CMD 00110 $SKIP tcp from any to any 22 out via $INIC setup $KS > $CMD 00120 $SKIP tcp from any to any 43 out via $INIC setup $KS > $CMD 00130 $SKIP udp from any to any 123 out via $INIC $KS > > $CMD 00300 deny all from 192.168.0.0/16 to any in via $INIC > $CMD 00301 deny all from 172.16.0.0/12 to any in via $INIC > $CMD 00302 deny all from 10.0.0.0/8 to any in via $INIC > $CMD 00303 deny all from 127.0.0.0/8 to any in via $INIC > $CMD 00304 deny all from 0.0.0.0/8 to any in via $INIC > $CMD 00305 deny all from 169.254.0.0/16 to any in via $INIC > $CMD 00306 deny all from 192.0.2.0/24 to any in via $INIC > $CMD 00307 deny all from 204.152.64.0/23 to any in via $INIC > $CMD 00308 deny all from 224.0.0.0/3 to any in via $INIC > #$CMD 00310 deny icmp from any to any in via $INIC > $CMD 00315 deny tcp from any to any 113 in via $INIC > $CMD 00320 deny tcp from any to any 137 in via $INIC > $CMD 00321 deny tcp from any to any 138 in via $INIC > $CMD 00322 deny tcp from any to any 139 in via $INIC > $CMD 00323 deny tcp from any to any 81 in via $INIC > $CMD 00330 deny all from any to any frag in via $INIC > $CMD 00332 deny tcp from any to any established in via $INIC > > $CMD 00360 allow udp from any to 192.168.0.1 67 in via $INIC $KS > #$CMD 00370 allow tcp from any to me 80 in via $INIC setup limit > src-addr 2 > #$CMD 00380 allow tcp from any to me 22 in via $INIC setup limit > src-addr 2 > #$CMD 00390 allow tcp from any to me 23 in via $INIC setup limit > src-addr 2 > $CMD 00400 deny log all from any to any in via $INIC > $CMD 00450 deny log all from any to any out via $INIC > $CMD 00800 divert natd ip from any to any out via $INIC > $CMD 00801 allow ip from any to any > $CMD 00999 deny log all from any to any > > > The pr
Re: Need Guidance in my Internet Connection Sharing configuration
Srot BULL wrote: Thank you for the immediate response No problem, you are welcome. [ ... ] Well, does this mean that I will not be able to share my internet connection at home?...not a big problem though but it hurts!...I can still just remove and insert the LAN cable to which PC I want to use and get connected immediately...I only wanted to learn how to configure how to share internet connection in LAN...and of course brag to my girlfriend that my FreeBSD is simple and powerful than her MS $...Hehehe... Maybe I should be consulting my ISP for this one? Pay some bucks for internet connection sharing? Your aDSL modem may cache the MAC address of the connected computer. You might be able to reset it by power-cycling it after connecting it to a different system, or your ISP may have hard-coded the MAC into it to discourage people from doing what you are doing. [ You may be able to work around such by using a broadband router which lets you configure the MAC address used for the WAN port to be the MAC of the system which works. ] By the way, is my system clock wrong or yours? Your clock seems to be off. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need Guidance in my Internet Connection Sharing configuration
Thank you for the immediate response On Mon, 2005-01-10 at 18:56 -0500, Chuck Swiger wrote: > Srot BULL wrote: > [ ... ] > > By the way, since this is my first try in Internet Connection > > Sharing...I am not that sure with my cable connections... > > My internal LAN Card "bge0" is connected to my ADSL Modem while my other > > externel USB LAN Card "aue0" is connected to my switching hub...and the > > other PC that I have is also connected to the hub...Is this O.K.? > > Your aDSL provider may not be giving you direct IP connectivity, but instead > require you to configure PPPoE access via a username/password. My connection is simple, I just connect my ethernet cable to my aDSL broadband modem and then dhcp-client gets the necessary information for my system to connect to the internet...I think my username/password is already in my aDSL modem... Well, does this mean that I will not be able to share my internet connection at home?...not a big problem though but it hurts!...I can still just remove and insert the LAN cable to which PC I want to use and get connected immediately...I only wanted to learn how to configure how to share internet connection in LAN...and of course brag to my girlfriend that my FreeBSD is simple and powerful than her MS $...Hehehe... Maybe I should be consulting my ISP for this one? Pay some bucks for internet connection sharing? By the way, is my system clock wrong or yours? Once again thank you for the response and hope for other assistance/information in the future... Srot BULL ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need Guidance in my Internet Connection Sharing configuration
Srot BULL wrote: [ ... ] By the way, since this is my first try in Internet Connection Sharing...I am not that sure with my cable connections... My internal LAN Card "bge0" is connected to my ADSL Modem while my other externel USB LAN Card "aue0" is connected to my switching hub...and the other PC that I have is also connected to the hub...Is this O.K.? Your aDSL provider may not be giving you direct IP connectivity, but instead require you to configure PPPoE access via a username/password. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
