Mike wrote:
Trying to set up a small local network off of my DSL. Currently I use a
different OS to do this but I am switching, or trying to..

You do not need both ipnat and natd.

I am using IPNAT and have added all of the options to redo the kernel.
options INET #InterNETworking
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPSTEALTH
options TCP_RESTRICT_RST
options INET6 #IPv6 communications protocols
Recompiled and set up my firewall - Works great. Next went after ipnat
and natd (Note some of these I do not need I think but which ones?) I
need a clear step by step on this if someone has one.
My RC.CONF with IP changed
# -- sysinstall generated deltas -- # Sat Nov 30 16:10:02 2002
# Created: Sat Nov 30 16:10:02 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
#My ADSL router
defaultrouter="216.0.0.33"
ipfilter_enable="YES"
ipnat_anabled="YES"
natd_enable="YES"
natd_interface="fpx0"
natd_flags="-f /etc/natd.conf"
gateway_enable="YES"
hostname="myhost.myhost.us"
ifconfig_fxp0="inet 216.0.0.35 netmask 255.255.255.248"
ifconfig_xl0="inet 192.168.0.2 netmask 255.255.255.0"
inetd_enable="NO"
ipv6_enable="YES"
kern_securelevel_enable="NO"
linux_enable="YES"
nfs_reserved_port_only="YES"
sendmail_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
#required for ipfw support
firewall_enable="YES"
#firewall_script="/etc/ipfw.rules"
firewall_script="/etc/rc.firewall"
firewall_type="simple"
firewall_quiet="NO" #change to YES once happy with rules
firewall_logging_enable="YES"
#extra firewalling options
log_in_vain="YES"
tcp_restrict_rst="YES"
icmp_drop_redirect="YES"
Next added my ipnat.conf file
map fxp0 192.168.0.0/24 -> 216.222.2.35/29 portmap tcp/udp 10000:65000
So pick it apart and point me in the right direction if possible. I am
continuing to try and make it work...
Thanks
PS - This is my First post on anything in FreeBSD, the rest from MySQL
to SSHD SSL Apache PHP Webmin all went great!
Ipnat is ipfilter's way of doing nat, while natd is the ipfw way. If you run ipfilter, you run ipnat. If you choose ipfw, you're stuck with ipfw.
You can, if you want, run both ipfilter and ipfw, but you probably should try to get one of them going first before attempting anything like that.
My advice is pick one, ipnat or natd, and remove the other.
--
R
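
A lint for the "pick one" advice in the reply above, as an added example (not part of the original thread and not FreeBSD's own tooling): it reads rc.conf-style assignments and reports ipnat and natd both being enabled, ipnat_/natd_ variable names that are not among the knobs in /etc/defaults/rc.conf, and a natd_interface with no matching ifconfig_ line. The function names and finding labels are hypothetical; the sample input is the NAT-related lines of the rc.conf posted above.

```shell
#!/bin/sh
# Added example: lint the ipnat/natd knobs in an rc.conf-style file.
# Reads the file named in $1, or stdin when no argument is given.
lint_nat_rc() {
    awk '
    /^[ \t]*#/ || !/=/ { next }                 # skip comments and non-assignments
    {
        eq = index($0, "=")
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/[ \t]/, "", key)
        sub(/[ \t]*#.*$/, "", val); gsub(/"/, "", val)
        conf[key] = val
        if (key ~ /^ifconfig_/) have_if[substr(key, 10)] = 1
    }
    END {
        # ipnat and natd knob names found in FreeBSD /etc/defaults/rc.conf
        known = " ipnat_enable ipnat_program ipnat_rules ipnat_flags"
        known = known " natd_enable natd_program natd_interface natd_flags "
        for (k in conf)
            if (k ~ /^(ipnat|natd)_/ && index(known, " " k " ") == 0)
                print "unknown-knob " k
        natd = (toupper(conf["natd_enable"]) == "YES")
        if (natd && toupper(conf["ipnat_enable"]) == "YES")
            print "both-nat ipnat_enable and natd_enable are both YES"
        ni = conf["natd_interface"]
        # natd_interface may also be an IP address; only check interface names
        if (natd && ni != "" && ni !~ /^[0-9.]+$/ && !(ni in have_if))
            print "bad-interface natd_interface=" ni " has no ifconfig_" ni " line"
    }' "$@" | sort
}

# NAT-related lines copied from the rc.conf posted in the thread.
posted_rc() {
    cat <<'EOF'
ipfilter_enable="YES"
ipnat_anabled="YES"
natd_enable="YES"
natd_interface="fpx0"
natd_flags="-f /etc/natd.conf"
ifconfig_fxp0="inet 216.0.0.35 netmask 255.255.255.248"
ifconfig_xl0="inet 192.168.0.2 netmask 255.255.255.0"
EOF
}

posted_rc | lint_nat_rc
# With the knob spelled ipnat_enable, the both-nat finding appears as well:
posted_rc | sed 's/ipnat_anabled/ipnat_enable/' | lint_nat_rc
```

On a live system the same function can be pointed at the real file with `lint_nat_rc /etc/rc.conf`; it only parses the file and never sources it.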