Simple ipfw problem :(
bkoenig at cs.tu-berlin.de
Thu Jun 23 12:22:06 GMT 2005
> with my old linux box I forward all my LAN traffic coming from eth1 via
> eth0 with these simple 3 lines
> $IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
> $IPTABLES -A FORWARD -i $LAN_IFACE -j ACCEPT
> $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> Howevr I moved the box to FreeBSD 5.4 and also I have a new connection
> PPPoE. I enabled the IPDIVERRT, FIRREWALL etc in the kernel but I am
> unable to make traffic coming from rl0(internal interface) be forwaded
> via tun0( PPPoE interface).
> I have gateway_enable='yes', tried playing with ppp_nat etc...
> But no luck....
> Is there a simple way to do that with ipfw ? Please help - I am little
> bit confused...
Actually you don't need ipfw or any other packet filter to set up a
simple internet access point for clients in a LAN. This configuration
should be enough:
---- ppp.conf ----
set device PPPoE:<interface>
set log Phase IPCP CCP Warning Error Alert
add! default HISADDR
set authname <username>
set authkey <password>
Note: <interface> is your external network interface, i.e. neither rl0
---- rc.conf ----
gateway_enable="YES" # "sysctl net.inet.ip.forwarding=1" at startup
ppp_nat="YES" # alternatively "nat enable yes" in ppp.conf
I hope I didn't forget about something.
More information about the freebsd-questions