Problems with IPF after upgrading from 4.11 to 5.4

Aaron Siegel aj at siegel-tech.net
Thu Sep 29 08:22:17 PDT 2005


Hello

I am having problems with my gateway after upgrading from 4.11 to 5.4. The
firewall rules that worked in 4.11 are not working in 5.4. I am able to
access the internet from the gateway but not its clients. The only ruleset I
can get to work is the "open" ruleset that is supplied with the distribution.
When I use the ruleset that worked with 4.11 or the "simple" ruleset (modified
to work with my network) the clients can access the gateway but not the
internet. My ISP provides a NAT router which does not provide the ability
to disable NAT. I have commented out all the lines that block packets from
the 192.168.0.0 network.

I have compiled the IPFIREWALL and IPDIVERT options into the kernel and I
have set up rc.conf, see below. Access to the internet seems slow; it
takes a long time for a page to download. When performing a ping test the IP
address is resolved quickly so I do not think it is DNS.

Is there anything that has changed from 4.11 to 5.4 that would cause this
problem?

Thank You
Aaron

#Network Configuration
hostname="hal.siegel-tech.org"
ifconfig_dc0="192.168.0.2"
ifconfig_fxp0="192.168.245.1 netmask 255.255.255.0"
defaultrouter="192.168.0.1"

#Gateway Configurations
gateway_enable="YES"
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="dc0"

