Home Network, step by step?

James james at idea-anvil.net
Tue Dec 14 06:30:30 PST 2004 

Hi,

On Monday 13 December 2004 10:48 pm, R. Scott Kennan wrote:
> Ok, here's my setup: I have broadband over a surfboard modem from Cox
> cable. I have an ethernet card (D-link) that I just picked up, and a
> crossover cable that connects the two computers via this card, to
> another, identical one on the linux box.

so just to make sure I am clear,

[world]<--->[cable gateway]<--->[fbsd box]<--->[hub]<--->[linux box]

that look right?

> Here's the results of ifconfig (I can't make heads or tails of it-
> which one is my incoming internet connection? ):
>

This would be your firewire:
> fwe0: flags=108802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>         options=8<VLAN_MTU>
>         ether 02:e0:18:11:a5:2b
>         ch 1 dma -1

This is a network card:
> bfe0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         options=8<VLAN_MTU>
>         inet6 fe80::2e0:18ff:fef9:96e9%bfe0 prefixlen 64 scopeid 0x2
>         inet 68.230.154.245 netmask 0xfffffe00 broadcast 68.230.155.255
>         ether 00:e0:18:f9:96:e9
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active

This is a network card:
> rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>         options=8<VLAN_MTU>
>         ether 00:11:95:1d:43:fd
>         media: Ethernet autoselect (10baseT/UTP)
>         status: no carrier

This would be the lpt port:
> plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500

This is the loopback interface:
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>         inet 127.0.0.1 netmask 0xff000000
>         inet6 ::1 prefixlen 128
>         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
>

You will need to know the ip address of the cable modem or if it is using 
dhcp.  Use the http admin for the modem to see what the ip is unless you 
already know. Also note if dhcp is running on the modem, if you want to use 
dhcp then read this page (i don't know dhcp setup very well): 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dhcp.html 
and ignore the rest of this. Or you can disable dhcp for the LAN and setup a 
static network.

Static setup:

# ifconfig rl0 down
# ifconfig bfe0 down
# route flush

This will clean up your "mess" :-)

Next, you need to know the public interface (going to the cable gateway) and 
the private interface (going to your LAN).

Now to find the public interface: (assuming the ip address for the cable modem 
is 192.168.0.1 and has a netmask of 255.255.255.0):

# ifconfig rl0 192.168.0.2 netmask 255.255.255.0
# ifconfig rl0 up
# route add default gateway 192.168.0.1
# ping 192.168.0.1

You should get a ping response from the cable modem at this point. 
If not then:

# ifconfig rl0 down
# route flush
# ifconfig bfe0 192.168.0.2 netmask 255.255.255.0
# ifconfig bfe0 up
# route add default gateway 192.168.0.1
# ping 192.168.0.1

Make a note of the which interface is which. For the examples I am assuming 
rl0 is connected to the cable modem, that is is up, you can ping the modem 
and that bfe0 is connected to the LAN.

So this will all be set up on reboot:

Edit /etc/rc.conf and add:

firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="rl0"
ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0" 
ifconfig_bfe0="inet 10.0.0.1 netmask 255.255.255.0"
gateway_enable="YES"

Edit /etc/rc.firewall and edit the "open" section:

FROM:
# Prototype setups.
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
        setup_loopback
        ${fwcmd} add 65000 pass all from any to any
        ;;

TO:
# Prototype setups.
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
        setup_loopback
        ${fwcmd} add divert natd all from any to any via rl0
        ${fwcmd} add 65000 pass all from any to any
        ;;

Now Reboot.

On the linux box:
ifconfig eth0 10.0.0.2 netmask 255.255.255.0
ifconfig eth0 up
route add default gateway 10.0.0.1

Now, from the freebsd box:

ping 192.168.0.1
ping 10.0.0.2
ping freebsd.org

From the linux box:

ping 10.0.0.1
ping freebsd.org

You should be up and running. 

You will still need to edit your firewall rules. The "open" setup is just so 
misformed rules aren't a possable problem in the trouble shoot. I'm sure you 
will be able to google for how to do this.

Let me know if this helped or if you have any more questions.

- James

More information about the freebsd-newbies mailing list