From rafan@svm.csie.ntu.edu.tw  Wed May 18 13:37:22 2005
Return-Path: <rafan@svm.csie.ntu.edu.tw>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C090816A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 18 May 2005 13:37:22 +0000 (GMT)
Received: from svm.csie.ntu.edu.tw (svm.csie.ntu.edu.tw [140.112.90.75])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E403743D9B
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 18 May 2005 13:37:21 +0000 (GMT)
	(envelope-from rafan@svm.csie.ntu.edu.tw)
Received: from svm.csie.ntu.edu.tw (localhost [127.0.0.1])
	by svm.csie.ntu.edu.tw (8.13.3/8.13.1) with ESMTP id j4IDbKbn011638
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 18 May 2005 21:37:20 +0800 (CST)
	(envelope-from rafan@svm.csie.ntu.edu.tw)
Received: (from rafan@localhost)
	by svm.csie.ntu.edu.tw (8.13.3/8.13.1/Submit) id j4IDbKTm011637;
	Wed, 18 May 2005 21:37:20 +0800 (CST)
	(envelope-from rafan)
Message-Id: <200505181337.j4IDbKTm011637@svm.csie.ntu.edu.tw>
Date: Wed, 18 May 2005 21:37:20 +0800 (CST)
From: Rong-En Fan <rafan@infor.org>
Reply-To: Rong-En Fan <rafan@infor.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: handbook/ipfw does not mention gateway_enable in rc.conf 
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         81199
>Category:       docs
>Synopsis:       handbook/ipfw does not mention gateway_enable in rc.conf
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 18 13:40:01 GMT 2005
>Closed-Date:    Thu May 19 09:14:59 GMT 2005
>Last-Modified:  Thu May 19 09:14:59 GMT 2005
>Originator:     Rong-En Fan
>Release:        FreeBSD 5.4 i386
>Organization:
NTU CSIE 
>Environment:

	
>Description:
	Handbook 24.5 and 24.6
	http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html
	http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

	in 24.6, which contains ipfw/natd, and it does not explicitly mention
	gateway_enable="YES" if you are going to use private ip. While 24.5.3
	(section about ipf) does it.

	
>How-To-Repeat:
	
>Fix:
	Add similar things in 24.5.3 to 24.6.3.

	


>Release-Note:
>Audit-Trail:

From: David Adam <zanchey@ucc.gu.uwa.edu.au>
To: Rong-En Fan <rafan@infor.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: docs/81199: handbook/ipfw does not mention gateway_enable in
 rc.conf 
Date: Thu, 19 May 2005 12:53:46 +0800 (WST)

 On Wed, 18 May 2005, Rong-En Fan wrote:
 > >Description:
 > 	Handbook 24.5 and 24.6
 > 	http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html
 > 	http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html
 >
 > 	in 24.6, which contains ipfw/natd, and it does not explicitly mention
 > 	gateway_enable="YES" if you are going to use private ip. While 24.5.3
 > 	(section about ipf) does it.
 >
 > >Fix:
 > 	Add similar things in 24.5.3 to 24.6.3.
 
 The following patch should cover it.
 
 ----- firewalls.chapter.81199.patch begins here -----
 --- firewalls.chapter.orig	2005-05-08 22:15:43.000000000 +0800
 +++ firewalls.chapter.1	2005-05-19 12:49:45.000000000 +0800
 @@ -2265,6 +2265,11 @@
 
  	<programlisting>net.inet.ip.fw.verbose_limit=5</programlisting>
        </warning>
 +
 +      <para>If you are using NAT, enable IP forwarding:</para>
 +
 +      <programlisting>gateway_enable="YES"</programlisting>
 +
      </sect2>
 
      <sect2 id="firewalls-ipfw-cmd">
 ----- firewalls.chapter.81199.patch ends here -----
 
 Can Rong-En or someone else using IPFW to do NAT confirm that this is
 required before it gets checked in, please? (I assume there are still
 some people out there who do...)
 
 David Adam
 zanchey@ucc.gu.uwa.edu.au
 
State-Changed-From-To: open->closed 
State-Changed-By: blackend 
State-Changed-When: Thu May 19 09:13:40 GMT 2005 
State-Changed-Why:  
I pointed people to the natd(8) section.  This section covers all 
required rc.conf settings. 
Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=81199 
>Unformatted:
