From owner-freebsd-net  Tue Jul 10 14:29:28 2001
Delivered-To: freebsd-net@freebsd.org
Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9])
	by hub.freebsd.org (Postfix) with ESMTP id 992FA37B403
	for <freebsd-net@FreeBSD.ORG>; Tue, 10 Jul 2001 14:29:24 -0700 (PDT)
	(envelope-from julian@elischer.org)
Received: from InterJet.elischer.org (InterJet.elischer.org [192.168.1.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA55250;
	Tue, 10 Jul 2001 16:14:18 -0700 (PDT)
Date: Tue, 10 Jul 2001 16:14:17 -0700 (PDT)
From: Julian Elischer <julian@elischer.org>
To: Nick Rogness <nick@rogness.net>
Cc: Peter Warrick <peter@guest-tek.com>, freebsd-net@FreeBSD.ORG
Subject: Re: IPFW and NATD
In-Reply-To: <Pine.BSF.4.21.0107101643390.49638-100000@cody.jharris.com>
Message-ID: <Pine.BSF.4.21.0107101613000.54942-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org



On Tue, 10 Jul 2001, Nick Rogness wrote:
> 	You need to add another rule:
> 
> 	ipfw add divert natd all from $PUBLIC_IP to any in via en0
                                          ^          ^
                                          \----------/
                                       swap these


> 
> 	The $PUBLIC_IP should be the IP of en0.  This will only work if
> 	your non-diverted traffic is using a different public IPs...which
> 	I'm assuming you are.

OR you don NOT want other machines to be able to get out.

> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message