Routing problem

Efren Bravo efrenba at gmail.com
Tue Oct 24 15:55:00 UTC 2017


@Ian Smith: gateway_enable="YES" I wrote ok, was my mistake when I copy it
into the email and sysctl net.inet.ip.forwarding=1. thanks

@Trond Endrestol

I didn't know about all those NATs (NAT44, NAT444, NAT64, etc), when I
installed a fw box 10 years ago they didn't exist, I think, because I
followed the same config and it worked. Now, the question is, how to make
it work?

thanks

2017-10-24 8:20 GMT-04:00 Ian Smith <smithi at nimnet.asn.au>:

> In freebsd-questions Digest, Vol 699, Issue 2, Message: 8
> On Mon, 23 Oct 2017 22:30:26 +0200 (CEST)
> Trond Endrest?l <Trond.Endrestol at fagskolen.gjovik.no> wrote:
>  > On Mon, 23 Oct 2017 15:19-0400, Efren Bravo wrote:
>  >
>  > > Hi there,
>  > >
>  > > I installed a FreeBSD 10.1 box and upgraded to 10.4. I tried to
> configure
>  > > this box as a FW but I can't get ping works from inside LAN to outside
>  > > world, neither any tcp/upd connection. Basic configs:
>  > >
>  > > router ip: 190.92.124.89
>  > >
>  > > kernel (recompiled & installed OK):
>  > > a lot of innecesary things disabled before recompilation
>  > > ---
>  > > options IPFILTER
>  > > options IPFILTER_LOG
>  > > options IPFILTER_LOOKUP
>  > > options IPFILTER_DEFAULT_BLOCK
>  > >
>  > > /etc/rc.conf
>  > > ---
>  >
>  > > #WAN
>  > > ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248"
>  >
>  > Public IPv4 address space.
>  >
>  > > # LAN
>  > > ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128"
>  >
>  > Private IPv4 address space.
>  >
>  > Do you plan on setting up NAT44 on this box? You should if you want
>  > this setup to work as expected.
>
> Indeed, some variety of NAT daemon.  But also ..
>
>  > > defaultrouter="190.92.124.89"
>  > > gateway_eanble="YES"
>
> .. that needs to be 'gateway_enable'.
>
>  % grep -wA7 gateway_enable /etc/rc.d/routing
>
> After fixing /etc/rc.conf one can just run:
>  # service routing restart
>
> or even (until next boot or routing restart) just:
>  # sysctl net.inet.ip.forwarding=1
>
> cheers, Ian
>



-- 
----------------
Efren Bravo


More information about the freebsd-questions mailing list