How to get my Dad's Win2k system to access internet through my
FreeBSD 6.2 system
Manolis Kiagias
sonic2000gr at gmail.com
Tue Oct 14 04:40:09 PDT 2008
Peter N. M. Hansteen wrote:
> Manish Jain <unxfbsdi at gmail.com> writes:
>
>
>> I am poor at networking and need a little bit of help. My dad has a
>> Windows 2000 machine with a network card but does not have a connection
>> to the internet.
>>
>
> When I started writing this, I thought that system had been abandoned
> already, but it appears Microsoft will offer a measure of support
> through next year sometime. Do see that the system gets properly
> updated before you put it on the net.
>
>
>> My freebsd 6.2 box is connected to the internet and has
>> 2 network cards, rl0 and rl1. rl0 connects to the ISP and rl1 is
>> directly connected via a long Ethernet cable to the NIC on my dad's
>> machine. While I can access the internet easily, I want my dad to be
>> able to connect to the internet with my freebsd box serving as the
>> gateway. Can anyone please explain to me in easy steps how to accomplish
>> this ?
>>
>
> The keyword is that you need to set up your machine as a gateway.
> There are numerous guides available on how to do that (including the
> FreeBSD Handbook (free, online and likely already on your system) my
> PF tutorial (http://home.nuug.no/~peter/pf/) contains more than a few
> hints, as do several books available at better bookstores), but I
> would recommend that you pick literature that enables you to learn the
> basics of TCP/IP as well as the actual commands needed. Looking into
> packet filtering for basic protection won't hurt either. With those
> keywords in hand, you should be able to dig up something useful.
>
> - Peter
>
Inspired by this discussion (and just replying to a random post) I tried
for the first time to get a test machine as a gateway.
I tried the handbook's instructions, here:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html
These work flawlessly, you will need to recompile your kernel though.
The rest of the setup is relatively simple.
I am more accustomed to using pf rather than IPFW though, and as I
wanted to test this on my main system, I came up with this setup:
/etc/rc.conf
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
gateway_enable="YES"
(Run sysctl net.inet.ip.forwarding=1 *and* /etc/rc.d/routing restart if
you do not wish to reboot after modifying rc.conf)
I added this rule before the filtering rules section in my /etc/pf.conf:
nat pass on rl1 from rl0:network to any -> rl1
(This is an excellent read: http://www.openbsd.org/faq/pf/ )
where rl1 is the Internet-facing card, and rl0 is the local network one.
Also added a few simple rules to allow traffic from rl0 as I am normally
using pf for firewalling.
This also worked nicely, and has the added advantage of not having to
recompile the kernel.
So the OP has quite a few options, and it may prove not to be very
difficult after all.
More information about the freebsd-questions
mailing list