Joshua Lokken joshualokken at
Sat Apr 5 12:54:57 PST 2003

* John Meyer (john at wrote:
==> Good Day.
==> I have a small problem compared to the problems listed here. I have FreeBSD
==> v3.1 (fairly old). I have compiled the kernel with
==> options IPFIREWALL and
==> options IPDIVERT
==> in my rc.conf file I have
==> gateway_enable="YES"
==> firewall_enable="YES"
==> firewall_type="/etc/firewall.ast"
==> natd_interface="vx0"
==> natd_flags=""
==> In the etc dir I have a file called firewall.ast.
==> My problem is I seem to get an error at bootup stating as if you are running
==> ipfw cmd without options. I have disabled all the rules in firewall.ast
==> except the first one.
==> add 00100 tcp from any to any
==> When I disable that as well all seems to work well. It looks like the option
==> in rc.conf firewall_type="/etc/firewall.ast" does not get interpreted
==> correctly.

I'm certainly no expert, and have only used FreeBSD since 4.5, but here
goes.  I think you need:


If you use the firewall_type option, I think it wants to use that type
of firewall from /etc/rc.firewall, i.e. SIMPLE, OPEN, CLOSED, etc.

==> 2nd Problem is I need to divert my public ip port 80 to a private ip port 80
==> what are the steps in natd to follow without compromising my security on the
==> private side.

No problem.  This is a nat function.  You need, either in rc.conf or

#cat /etc/natd.conf
redirect_port tcp 80

and then, in rc.conf:


==> Thank you very much in advance for any assistance.

Glad to [hopefully] help ;)

==> John Meyer
==> AST Namibia
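
An added example (not part of either message): a small Python check for the rules-file format quoted above, where each line is an ipfw command without the leading `ipfw`. It flags `add` lines with no action keyword after the optional rule number, which is how `add 00100 tcp from any to any` reads, and allow rules that match all traffic. The sample ruleset, the address 192.168.1.10, the function name `lint_ruleset` and the treatment of `#` as a comment marker are assumptions made for illustration.

```python
import re

# Action keywords ipfw accepts after "add [number]" (classic syntax).
ACTIONS = {"allow", "accept", "pass", "permit", "deny", "drop", "reject",
           "unreach", "reset", "count", "divert", "tee", "fwd", "forward",
           "skipto", "pipe", "queue", "check-state"}
ALLOW = {"allow", "accept", "pass", "permit"}


def lint_ruleset(text):
    """Return a list of (line_number, message) findings for a rules file."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()  # assumes '#' starts a comment
        if not tokens or tokens[0] != "add":
            continue  # blank line, comment, or a command other than "add"
        rest = tokens[1:]
        if rest and rest[0].isdigit():
            rest = rest[1:]  # skip the optional rule number
        if not rest or rest[0] not in ACTIONS:
            got = rest[0] if rest else "end of line"
            findings.append((no, f"no action after 'add', found {got!r}"))
        elif rest[0] in ALLOW and re.search(r"\bfrom any to any$", " ".join(rest)):
            findings.append((no, "allow rule matches all traffic"))
    return findings


# Constructed sample. Line 2 is the rule quoted in the thread; the interface
# name vx0 comes from the thread, the private address is a placeholder.
SAMPLE = """\
# /etc/firewall.ast (constructed)
add 00100 tcp from any to any
add 00200 divert natd all from any to any via vx0
add 00300 allow tcp from any to 192.168.1.10 80 in via vx0
add 65000 allow ip from any to any
"""

if __name__ == "__main__":
    for no, msg in lint_ruleset(SAMPLE):
        print(f"line {no}: {msg}")
```
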

