Date: Thu, 29 Jul 1999 09:15:50 +0100 From: Brian Somers <brian@FreeBSD.org.uk> To: wayne@crb-web.com Cc: FreeBSD Questions <freebsd-questions@FreeBSD.org>, ru@FreeBSD.org Subject: Re: help w/ NATD rules on aliased ip address Message-ID: <199907290815.JAA00666@keep.lan.Awfulhak.org> In-Reply-To: Your message of "Wed, 28 Jul 1999 23:06:16 EDT." <Pine.LNX.3.95.990728225815.10767A-100000@crb.crb-web.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I wish to use NATD on a computer with single interface card in it. I have
> looked in the handbook and "The Complete FreeBSD" but neither have information
> pertaining to this particular information. I am currently running linux as a
> natbox in this configuration but wish to switch it to freebsd.
>
> If anyone could help me with the natd switches and the ipfw rules I would
> greatly appreciated it.
>
> Here is my configuration:
>
> public interface 207.196.47.5 netmask 255.255.255.240
> interface on private network 10.0.0.50
> netmask of private network 255.255.255.0
>
> I have tried natd -u -a 207.196.47.5 but this did not seem to work. I saw
> natd viewing the packets on debug but it did not translate them and they went
> nowhere.
I *think* this is possible, but with some odd ipfw lines - something
like:
ipfw add pass all from 10.0.0.0/8 to 207.196.47.5 in
ipfw add divert natd all from 10.0.0.0/8 to any out
ipfw add divert natd all from any to 207.196.47.5 in
The idea is to ensure that natd isn't given each packet twice.
If this works, I'd suggest it's added to the man page.
> thanks in advance,
> Wayne
--
Brian <brian@Awfulhak.org> <brian@FreeBSD.org>
<http://www.Awfulhak.org>; <brian@OpenBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@FreeBSD.org.uk>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907290815.JAA00666>