Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 15 Feb 2005 14:27:20 +0100
From:      Emanuel Strobl <emanuel.strobl@gmx.net>
To:        freebsd-questions@freebsd.org, dgw@liwest.at
Cc:        questions@freebsd.org
Subject:   Re: How do I set the source address on a multi-homed host?
Message-ID:  <200502151427.25443@harrymail>
In-Reply-To: <200502121505.20754.dgw@liwest.at>
References:  <200502112206.43267.dgw@liwest.at> <420D2348.4020408@spintech.ro> <200502121505.20754.dgw@liwest.at>

next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3785422.S4pZehzKVg
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Am Samstag, 12. Februar 2005 16:05 schrieb Daniela:
> On Friday 11 February 2005 21:27, Alin-Adrian Anton wrote:
> > Daniela wrote:
> > > I have two NICs (one inside and one outside interface) with NAT
> > > activated. The problem is that every time I establish a connection with
> > > a machine on my LAN, it uses the address of the outside interface as
> > > the source of the packets, which creates problems with my firewall. How
> > > do I tell my machine to use the other address whenever I connect to a
> > > local machine?
> > >
> > > Daniela
> >
> > Hi Daniela,
> >
> > Can you please be more specific? You mean this happens when you are
> > connecting from inside intranet to some other point inside intranet?
>
> Yes, this happens when I connect from my machine (which functions as a
> router with NAT to allow the other LAN machines connect to the internet) to
> another LAN machine. When the router establishes a connection to another
> point in the intranet, the source address used is my official IP, and not
> 10.0.0.1, which is the intranet IP of the router.
> In other words, I want the source address to be 10.0.0.1 on every outgoing
> connection where the destination is inside my intranet.

It's easy if your doing NAT with PF or IPF, something like:
nat pass on $o_if from $localnet to !$otherlocal_net -> $oif_addr
is what you want.

-Harry
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"

--nextPart3785422.S4pZehzKVg
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)

iD8DBQBCEfi9Bylq0S4AzzwRAn2OAJkBD93yeiVDsl1ZiaZwRTl+BrXHdQCfeO4r
5ZysMswsFZV+N/cna7lta9c=
=JckO
-----END PGP SIGNATURE-----

--nextPart3785422.S4pZehzKVg--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502151427.25443>