netbsd-bugs: misc/10449: Documentation misses a hint for the need of ip-forwarding for simple nat'ing.

Subject: misc/10449: Documentation misses a hint for the need of ip-forwarding for simple nat'ing.
To: None <gnats-bugs@gnats.netbsd.org>
From: Alexander Sorg <handtuch@smaug.fh-regensburg.de>
List: netbsd-bugs
Date: 06/26/2000 00:48:12

>Number:         10449
>Category:       misc
>Synopsis:       Documentation misses a hint for the need of ip-forwarding for simple nat'ing.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    misc-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Mon Jun 26 00:49:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Alexander Sorg
>Release:        1.4.2 and web-page
>Organization:
>Environment:
independent
>Description:
The web-page "http://www.de.netbsd.org/Documentation/network/" and the help
files in /usr/share/examples/ipf don't mention the need of ip-forwarding be-
ing switched on. At least in the webpage a line saying "Switch the ip-forwarding
on by issuing 'systcl -w net.inet.ip.forwarding=1' as root."
>How-To-Repeat:
Setting up nat/ipf for a home-network-to-internet-gateway as a not-so experi-
enced user.
>Fix:
Change this line after the anchor "http://www.de.netbsd.org/Documentation/network/#simplenat":
2.On your NAT machine, first make sure your kernel has ipfilter and ip-forwarding enabled: 

    options	    GATEWAY                 # packet forwarding
    options         PFIL_HOOKS              # pfil(9) packet filter hooks
    pseudo-device   ipfilter                # IP filter (firewall) and NAT

>Release-Note:
>Audit-Trail:
>Unformatted: