Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 20 Mar 2002 13:26:34 +0700
From:      Eugene Grosbein <eugen@svzserv.kemerovo.su>
To:        cjclark@alum.mit.edu
Cc:        net@FreeBSD.org
Subject:   Re: natd and static nat for different subnets
Message-ID:  <3C982B9A.7A8455A1@svzserv.kemerovo.su>
References:  <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> <20020319015259.M60554@blossom.cjclark.org> <3C9821BA.F44DE2E0@svzserv.kemerovo.su> <20020319221020.G67739@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
"Crist J. Clark" wrote:
> 
> On Wed, Mar 20, 2002 at 12:44:26PM +0700, Eugene Grosbein wrote:
> > > I forgot point out that ipnat(8) will do this as-is if that is an
> > > option for you.
> >
> > Hmm, I've read man ipnat and still not sure how can I achieve
> > a combination of redirection ip<->ip and map net<->ip.
> 
> Why not?
> 
>   map if0 192.168.100.0/24 -> 192.0.2.10/32 portmap tcp/udp auto
>   map if0 192.168.100.0/24 -> 192.0.2.10/32
>   bimap if0 192.168.100.1/32 -> 192.0.2.10/32
>   map if0 172.16.0.0/16 -> 192.0.2.12/32 portmap tcp/udp auto
>   map if0 172.16.0.0/16 -> 192.0.2.12/32
>   bimap if0 172.16.0.1/32 -> 192.0.2.12/32
> 
> All of the outgoing from the 192.168.100.0/24 block gets translated to
> 192.0.2.10. All of the incoming to 192.0.2.10 not associated with an
> existing connection gets passed to 192.168.100.1. The same thing goes
> for the 172.16.0.0/16 block except it gets translated to
> 192.0.2.12. Isn't that what you wanted?

Yes, thank you. One more: now I run a kernel built with 
IPFIREWALL and IPDIVERT, the system is 3.5-STABLE yet.
Can I just add IPFILTER and not touch my configuration 
(e.g. do not setup ipf and ipnat rules)? Can I switch from natd to ipnat
on-the-fly then?

Eugene

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C982B9A.7A8455A1>