Re: Static Ip's: Routing and Fowarding

2007-04-19 Thread RW
On Wed, 18 Apr 2007 17:40:49 -0700, Bryan Vyhmeister wrote: >On Apr 18, 2007, at 5:31 PM, Bray Mailloux wrote: > >> shared-network LOCAL-NET{ >>option domain-name "theamericanbray.com"; >>option domain-name-servers 208.204.224.11, 208.204.224.33 >> subnet 192.168.0.0 netmask 255.2

Re: Static Ip's: Routing and Fowarding

2007-04-19 Thread Bryan Vyhmeister
On Apr 18, 2007, at 5:31 PM, Bray Mailloux wrote: shared-network LOCAL-NET{ option domain-name "theamericanbray.com"; option domain-name-servers 208.204.224.11, 208.204.224.33 subnet 192.168.0.0 netmask 255.255.255.0 { options routers 192.168.0.1; range 192.168.0.14 192.

Re: Static Ip's: Routing and Fowarding

2007-04-19 Thread Bryan Vyhmeister
On Apr 18, 2007, at 3:57 PM, Bray Mailloux wrote: And the default route in my table shows 64.142.102.1 which is also the gateway address supplied by my isp. OK. That sounds correct. Can you post your dhcpd.conf again? Bryan

Re: Static Ip's: Routing and Fowarding

2007-04-19 Thread Bryan Vyhmeister
On Apr 18, 2007, at 3:11 PM, BradenM - Sonoma Computer wrote: Do you mean the gateway address supplied by my ISP? Yes. Bryan

Re: Static Ip's: Routing and Fowarding

2007-04-18 Thread Bryan Vyhmeister
On Apr 18, 2007, at 12:59 PM, BradenM - Sonoma Computer wrote: I just read an article on dhcp-dns which updates the tinydns data file each time a new computer comes online using dynamic host control. I do plan on having my own in house DNS server but it currently is not implemented. Could t

Re: Static Ip's: Routing and Fowarding

2007-04-18 Thread Bryan Vyhmeister
On Apr 18, 2007, at 10:01 AM, BradenM - Sonoma Computer wrote: Yes, ip fowarding is enabled in the sysctl.conf file. I did have an alias on rl0 but removed it to try and simplify my nat process. I've heard the term binat thrown around, could that possibly aid my project? No, binat is not

Re: Static Ip's: Routing and Fowarding

2007-04-18 Thread Bryan Vyhmeister
On Apr 18, 2007, at 8:42 AM, Bray Mailloux wrote: Bryan Vyhmeister wrote: and post the output of both. pfctl -sn ---> nat on rl0 inet from 192.168.0.0/24 to any -> (rl0) round-robin pfctl -sr ---> scrub in all fragment reassemble pass out all keep state

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 7:56 PM, Bray Mailloux wrote: Do you suppose that I should start checking for hardware problems or in other network configurations? Not just yet. Run: pfctl -sn and also: pfctl -sr and post the output of both. Bryan

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 7:54 PM, Bray Mailloux wrote: # macros ext_if="rl0" int_if="rl1" #NAT nat on $ext_if from $int_if -> ($ext_if:0) #Pass pass in all pass out all keep state It still isn't working with keep state. Let's make it this: ext_if="rl0" int_if="rl1" set skip on { lo rl1 } scrub

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 7:39 PM, Bray Mailloux wrote: Bryan Vyhmeister wrote: Do you have 'pass out' in your pf.conf? Yes, "pass out all". Can you post your pf.conf? Bryan

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 7:20 PM, Bray Mailloux wrote: OK, I've tried your nat rule and am using a completely open pass rule to allow in all traffic but cannot ping the internet. Any other ideas? What are some trouble shooting techniques I could try? Actually, the rule should be 'pass out keep st

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 7:20 PM, Bray Mailloux wrote: OK, I've tried your nat rule and am using a completely open pass rule to allow in all traffic but cannot ping the internet. Any other ideas? What are some trouble shooting techniques I could try? Do you have 'pass out' in your pf.conf? Bryan

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bray Mailloux
BradenM - Sonoma Computer wrote: - Original Message - From: "Bryan Vyhmeister" <[EMAIL PROTECTED]> To: "Bray Mailloux" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, April 17, 2007 9:08 AM Subject: Re: Static Ip's: Routing and Fowarding On Apr 17,

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread BradenM - Sonoma Computer
- Original Message - From: "Bryan Vyhmeister" <[EMAIL PROTECTED]> To: "Bray Mailloux" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, April 17, 2007 9:08 AM Subject: Re: Static Ip's: Routing and Fowarding On Apr 17, 2007, at 8:30 AM, Bray Mailloux wrote:

Re: Static Ip's: Routing and Fowarding

2007-04-17 Thread Bryan Vyhmeister
On Apr 17, 2007, at 8:30 AM, Bray Mailloux wrote: Shouldn't the internet connection be passed around to other hosts on the network without the use of nat and pf? Ip forwarding is on, isn't that enough? I'm just trying to get the internet connection out to other computers, filtering comes aft

Re: Static Ip's: Routing and Fowarding

2007-04-16 Thread Bryan Vyhmeister
On Apr 16, 2007, at 10:54 PM, Bray Mailloux wrote: I have one static ip address which is assigned to one of my ethernet cards, specifically rl0. Ip fowarding is turned on and dhcp is active and listening on another ethernet card, specifically rl1. Route and routed man pages have offered som

Static Ip's: Routing and Fowarding

2007-04-16 Thread Bray Mailloux
I have one static ip address which is assigned to one of my ethernet cards, specifically rl0. Ip fowarding is turned on and dhcp is active and listening on another ethernet card, specifically rl1. Route and routed man pages have offered some tidbits of information but not enough to answer my tro