gateway_enable question

Kevin D. Kinsey, DaleCo, S.P. kdk at daleco.biz
Fri Dec 10 19:09:59 PST 2004


David Banning wrote:

>>>My thought was to disable the gateway configuration set in rc.conf.
>>>How do I disable the gateway option without rebooting?
>>
>>I have gateway enabled, but natd disabled, which blocks the
>>traffic from inside to outside, I believe.
>
>I have my nat running in ppp, and when I disable it, all the network
>still happily connects to the net. I don't have natd running either.
>Figure that out. It may be that squid is doing some nat function.

Seems likely, as it's a proxy server.  But I'm not into proxy servers,
so don't consider that authoritative.

Lots of guys have suggested the firewall.  On ipfw, that'd be
something like (put your rule number for N and sub your network
in for 192.168.0):

add <<N>> deny ip from 192.168.0/24 to any out via tun0

(I'm assuming your PPP uses the first tunnel device?)

In another portion of this thread you stated:

>On the firewall it is difficult to block the win boxes because I -want- 
>each machine to be able to contact each other,  but I don't want the
>windows boxes to have internet connection.

Now, that seems a little weird.  Do you not have a hub or switch
other than the BSD box on this network?  Unless you're doing
some strange routing or something, everybody on the wire
ought to see everybody else regardless of the settings on the
firewall (except they maybe won't see *it* ...)

HTH,

Kevin Kinsey

