IPF, NAT or NIC problem

I'm new to BSD. I installed FreeBSD 7.2 and want to use it as a gateway with IPF and NAT. I have 2 NICs, fxp0 and rl0. When I booted up my PC I got the message "gateway kernel: arp xxx.xxx.88.17 is on fxp0 but got reply from rl0". My configuration files look like this:

----rc.conf----
clear_tmp_enable="YES"
hostname="gateway.fbsdfreeco.com"
ifconfig_fxp0=" inet xxx.xxx.88.20 netmask 255.255.255.240"
gateway_enable="YES"
ipfilter_enable="YES"
ipmon_enable="YES"
ipmon_flags="-Ds"
ipnat_enable="YES"
ipnat_rules="/etc/ipnat.rules"
ifconfig_rl0="inet 192.168.1.2 netmask 255.255.255.0"
defaultrouter="xxx.xxx.88.17"
----resolv.conf----
search xxx.xxx.88.17
nameserver xxx.xxx.88.17
nameserver xxx.xxx.xxx.xxx
----ipf.loadrules.sh----
oif="fxp0"
odns="xxx.xxx.88.17"
myip="xxx.xxx.88.20"
ks="keep state"
fks="flags S keep state"

/sbin/ipf -Fa -f - << EOF

pass out quick on $oif proto tcp from any to $odns port = 53 $fks
pass out quick on $oif proto udp from any to $odns port = 53 $ks
pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port = 80 $fks
pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port = 443 $fks
EOF
----ipnat.rules----
map fxp0 192.168.1.0/16 -> xxx.xxx.88.20/32
rdr fxp0 0.0.0.0/0 -> xxx.xxx.88.20
map fxp0 192.168.0.0/16 -> 0/32 proxy port 21 ftp/tcp
map fxp0 0.0.0.0/0 -> 0/32
map fxp0 192.168.0.0/16 -> 0/32
-----------------------------------

ISP Gateway<-fxp0--ping-ok--->My Gateway<-rl0-LAN-->Switch<---ping-ok>---pc

ISP IP - xxx.xxx.88.17 (static)
My IP - xxx.xxx.88.20 (fxp0 static)
My IP - 192.168.1.2 (rl0 private)
pc IP - 192.168.1.x (private)

I can't open web pages.
Where's the problem?

Comments

  • : I'm new to BSD. I installed FreeBSD 7.2 and want to use it as a gateway
    : with IPF and NAT. I have 2 NICs, fxp0 and rl0. When I booted up my
    : PC I got the message "gateway kernel: arp xxx.xxx.88.17 is on fxp0 but
    : got reply from rl0". My configuration files look like this:
    :
    : ----rc.conf----
    : clear_tmp_enable="YES"
    : hostname="gateway.fbsdfreeco.com"
    : ifconfig_fxp0=" inet xxx.xxx.88.20 netmask 255.255.255.240"
    : gateway_enable="YES"
    : ipfilter_enable="YES"
    : ipmon_enable="YES"
    : ipmon_flags="-Ds"
    : ipnat_enable="YES"
    : ipnat_rules="/etc/ipnat.rules"
    : ifconfig_rl0="inet 192.168.1.2 netmask 255.255.255.0"
    : defaultrouter="xxx.xxx.88.17"
    : ----resolv.conf----
    : search xxx.xxx.88.17
    : nameserver xxx.xxx.88.17
    : nameserver xxx.xxx.xxx.xxx
    : ----ipf.loadrules.sh----
    : oif="fxp0"
    : odns="xxx.xxx.88.17"
    : myip="xxx.xxx.88.20"
    : ks="keep state"
    : fks="flags S keep state"
    :
    : /sbin/ipf -Fa -f - << EOF
    :
    : pass out quick on $oif proto tcp from any to $odns port = 53 $fks
    : pass out quick on $oif proto udp from any to $odns port = 53 $ks
    : pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port = 80
    : $fks
    : pass out quick on $oif proto tcp from xxx.xxx.88.20 to any port =
    : 443 $fks
    : EOF
    : ----ipnat.rules----
    : map fxp0 192.168.1.0/16 -> xxx.xxx.88.20/32
    : rdr fxp0 0.0.0.0/0 -> xxx.xxx.88.20
    : map fxp0 192.168.0.0/16 -> 0/32 proxy port 21 ftp/tcp
    : map fxp0 0.0.0.0/0 -> 0/32
    : map fxp0 192.168.0.0/16 -> 0/32
    : -----------------------------------
    :
    : ISP Gateway<-fxp0--ping-ok--->My
    : Gateway<-rl0-LAN-->Switch<---ping-ok>---pc
    :
    : ISP IP - xxx.xxx.88.17 (static)
    : My IP - xxx.xxx.88.20 (fxp0 static)
    : My IP - 192.168.1.2 (rl0 private)
    : pc IP - 192.168.1.x (private)
    :
    : I can't open web pages.
    : Where's the problem?
    :
    You have to point your PC's Default Gateway IP to "My Gateway" (use the "My Gateway"'s IP address as a PC_behind_the_NAT's Default Gateway IP) and it should work!
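
An added example, not part of the thread: a small lint pass over the `map` lines of the ipnat.rules posted in the question. It flags source prefixes with host bits set and rules that sit behind an earlier unrestricted `map` rule for the same interface and source, following the FreeBSD Handbook's guidance that the FTP proxy `map` rule must come before the general one. Assumptions: the function name is hypothetical, and the redacted xxx.xxx.88.20 is replaced by the documentation address 203.0.113.20.

```python
import ipaddress

# Constructed sample: the ipnat.rules from the question, with the redacted
# xxx.xxx.88.20 replaced by the placeholder address 203.0.113.20.
SAMPLE_RULES = """\
map fxp0 192.168.1.0/16 -> 203.0.113.20/32
rdr fxp0 0.0.0.0/0 -> 203.0.113.20
map fxp0 192.168.0.0/16 -> 0/32 proxy port 21 ftp/tcp
map fxp0 0.0.0.0/0 -> 0/32
map fxp0 192.168.0.0/16 -> 0/32
"""


def lint_ipnat_maps(text):
    """Return (line_no, message) findings for `map` rules (hypothetical helper)."""
    findings = []
    catch_all = {}  # (interface, source network) -> line of first option-less rule
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] != "map" or fields[3] != "->":
            continue  # rdr, bimap, comments and blank lines are not checked
        iface, src = fields[1], fields[2]
        try:
            addr = ipaddress.ip_interface(src)
        except ValueError:
            findings.append((no, f"cannot parse source {src!r}"))
            continue
        net = addr.network
        if addr.ip != net.network_address:
            # e.g. 192.168.1.0/16 is really the whole of 192.168.0.0/16
            findings.append((no, f"{src} has host bits set; it covers {net}"))
        key = (iface, net)
        if key in catch_all:
            # An earlier rule with no proxy/portmap options already takes
            # every packet from this source on this interface.
            findings.append(
                (no, f"placed after the unrestricted map for {net} on line {catch_all[key]}")
            )
        elif len(fields) == 5:
            catch_all[key] = no
    return findings


if __name__ == "__main__":
    for line_no, message in lint_ipnat_maps(SAMPLE_RULES):
        print(f"line {line_no}: {message}")
```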
