On Monday 20 October 2003 15:48 Anno Domini, Lowell Gilbert wrote using one of his keyboards: > Petre Bandac <[EMAIL PROTECTED]> writes: > > I have to use a freebsd machine as a gateway router; I did manage to make > > natd work, but now I have also a subnet routed to the machine > > That sounds fine. How you handle it will depend on whether you want > outside hosts to be able to initiate connections into that subnet or > not. If not, it's easy: you just need '-unregistered_only'. > > If you do want full access into those machines, I don't see why > just setting up a route on the gateway machine shouldn't be enough to > just do it on a machine already configured for IP forwarding. Of > course, you'll need to let the packets through the firewall.
all I did was ipfw add pass all from any to $subnet ipfw add pass all from $subnet to any and it works my problem was that I googled around and didn't find the answer to my problem, so I had to figure it out myself if you are familiar with freebsd routers/gateways, I would welcome any hints/ advices/howtoes/links/etc what I want is to get the LAN behind rl1 to the internet (connected via rl0) with routable (i.e. public) IP addresses > > I'm looking for the ipfw command similar to iptables' -A FORWARD -d > > $subnet/ $mask -j ACCEPT > > Sorry, I don't use iptables, so that doesn't mean anything to me. I am new to freebsd (and slowly moving to the intermediate level), but I have a few years of linux experience behind, that's why I tried a comparison between the 2 > I can guess that it's going to just let in all packets destined for > subnet/mask, but surely you want to do *some* firewalling... yes, I surely do > > also, what's the difference between ipfw add pass and ipfw add forward ? > > The former accepts a packet for processing by the IP stack, while the > latter bypasses the forwarding portions of the stack. got it thanks, petre -- 3:56PM up 8 days, 4:01, 4 users, load averages: 0.94, 0.47, 0.26 _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
