Hi all:

I am having some issues with network set-up. I'm running CURRENT as of 26th September, with an ipfw firewall and natd. I have one gateway machine with one external NIC and 3 internal NICs. At present nothing from my internal machines can get out. I've reduced the firewall (temporarily) to a basic

    ipfw -f flush
    divert natd ip from any to any via fxp0
    allow ip from any to any

When I turn logging on, I see the packets being diverted, and then accepted by later rules, but not being rewritten in between, i.e.

    ipfw: 30 Divert 8668 TCP 192.168.7.2:54619 <remote IP>:1025 out via fxp0
    ipfw: 70 Accept TCP 192.168.7.2:54619 <remote IP>:1025 out via fxp0

and the packets never get to the remote IP. I can see natd running with ps, but even when I run it on the command line with -v it doesn't seem to do anything.

Is there something I'm missing? Something else I could check? I've attached the relevant bits of my rc.conf and kernel conf below. Any other information that would be useful, please ask.

Thanks,
Bec
(please CC me with any replies)

The relevant bits of rc.conf:

    firewall_enable="YES"   # Set to YES to enable firewall functionality
    firewall_script="/etc/rc.firewall.local"   # Which script to run to set up the firewall
    firewall_quiet="YES"    # Set to YES to suppress rule display
    # Enable routing
    gateway_enable="YES"    # Set to YES if this host will be a gateway.
    natd_enable="YES"
    natd_interface="fxp0"
    natd_flags="-u"

kernel config:

    options IPFILTER                        #ipfilter support
    options IPFILTER_LOG                    #ipfilter logging
    options IPFILTER_DEFAULT_BLOCK          #block all packets by default
    options IPFIREWALL                      #firewall - need for mac filtering
    options IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
    options IPFIREWALL_FORWARD              #enables changing of packet dest
    options IPDIVERT                        #divert IP sockets, used by ipfw divert

Received on Tue Sep 28 2004 - 09:11:45 UTC