firewall
Robert Storey
y2kbug at ms25.hinet.net
Wed Sep 17 02:22:34 PDT 2003

In the continuing saga of my firewall configuration...

One kind member of this list suggested I must compile this into my
kernel:

    options IPDIVERT

So I did that, and it made a difference though it didn't solve the
problem. Previously, whenever I started ppp, if I attempted to ping I
would get this error message:

    bob@sonic:~> ping slashdot.org
    ping: cannot resolve slashdot.org: Host name lookup failure

Now when I ping, I get no response - no error messages, but no other
feedback. I think this is an improvement, but something is still
preventing me from getting a response from ppp.

To reiterate, this is everything I've done so far:

FROM /etc/rc.conf:

    firewall_enable="YES"
    firewall_script="/etc/rc.firewall"
    firewall_type="simple"
    natd_enable="YES"
    natd_interface="ppp0"

FROM /etc/rc.firewall:

    # set these to your outside interface network and netmask and ip
    oif="ppp0"
    onet="168.95.0.0"
    omask="255.255.255.255"
    oip="168.95.0.0"

    # set these to your inside interface network and netmask and ip
    iif="vr0"
    inet="192.168.0.0"
    imask="255.255.255.0"
    iip="192.168.0.2"

Kernel recompile:

    options IPDIVERT

CONTENT OF /etc/hosts:

    #
    ::1 localhost localhost.utopia.com
    127.0.0.1 localhost localhost.utopia.com
    #
    192.168.0.3 ibm.utopia.com ibm
    192.168.0.2 sonic.utopia.com sonic
    192.168.0.1 pro.utopia.com pro

I also used sysinstall to designate this machine as a gateway. Was that
the right thing to do?

Thanks for all the advice so far,
still hoping,
Robert