RE: Gateway

---

• From: "Rodrigo Galiano" <rodrigo@xxxxxxxxxxxx>
• Date: Mon, 31 Jul 2006 10:01:24 +0100

---

Hi,

Just add the following lines on rc.conf to get your gateway up and
running for the LAN:

gateway_enable="YES"
natd_enable="YES"
natd_flags="-n xxx" (you should replace xxx with your external interface
name)
firewall_enable="YES"
firewall_script="/etc/ipfw.test" (this is to specify firewall script file
(don't forget the natd rule on the firewall script).



Regards
---
Rodrigo Galiano Celestino
Consultor de Internet & Sistemas
Cellular: +244 923 57 79 72


-----Original Message-----
From: owner-freebsd-stable@xxxxxxxxxxx
[mailto:owner-freebsd-stable@xxxxxxxxxxx] On Behalf Of SigmaX asdf
Sent: segunda-feira, 31 de Julho de 2006 8:39
To: Igor Robul
Cc: freebsd-stable@xxxxxxxxxxx
Subject: Re: Gateway

I take it firewall_type="OPEN" does not include the divert rule?
The handbooks reads "The kernel source needs 'option divert' statement added
to the other IPFIREWALL statements compiled into a custom kernel." Is this
still the case in FreeBSD 6.1? Or am I covered by the IPDIVERT module or
something?

SigmaX

On 7/29/06, Igor Robul <igorr@xxxxxxxxxxxxx> wrote:

On Sat, Jul 29, 2006 at 01:42:41PM -0400, SigmaX asdf wrote:

^^^^^^^^^^^^^^^^^^^
Should be natd_enable="YES"

Heh; yeah, typo in my post. The file has it ok. Is there something I

have

to do to specify the interfaces which have nat enabled? Does

natd_enable

automatically forward any/every packet to any/every interface?

Personally I use ipfilter, but for ipfw/natd you need to specify
"divert" rule. You can find many examples, including ones in FreeBSD
handbook.

_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"

_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"

---

• Follow-Ups:
  • RE: Gateway
    • From: Iasen Kostov

• References:
  • Re: Gateway
    • From: SigmaX asdf

• Prev by Date: Re: Gateway
• Next by Date: Re: FreeBSD 5.5 (VMware) on Fedora core 5
• Previous by thread: Re: Gateway
• Next by thread: RE: Gateway
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: D-Link DSL-300T ... >> ADSL connection. ... I've got FreeBSD 4.10 running as a gateway at home. ... > configuration, how do you access the modem for configuration and ... (comp.unix.bsd.freebsd.misc) Re: NAT / ipfw / GW - FreeBSD 4.10 to Linux Private Network??? ... > So with the help of all of you I have configure my FreeBSD 4.10 gateway. ... > I'm trying to get internet connection for my linux box, ... You'll need to set up port forwarding. ... (freebsd-questions) A Challenge... NAT for PPP dial in user ... I have a FreeBSD 4.8 box set as a gateway on my home LAN. ... downstairs, and a few dial up users... ... (freebsd-questions) gateway security? ... some discussions of general security in a LAN environment with a FreeBSD ... headless gateway sits in a dark closet, ... (FreeBSD-Security) RE: Setting up a multi-platform VPN? ... Make your life much easier and buy a Snapgear box to act as your gateway. ... The VPN support is great and easy to set up. ... We are using FreeBSD (4.8-RELEASE, ... > network, as well as serving e-mail, Web, etc. ... (freebsd-net)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

unix.derkeiler.com  > Mailing-Lists  > FreeBSD  > stable  > 2006-07