Date: Thu, 5 Aug 2004 11:48:05 -0400 (EDT) From: "Steve Bertrand" <iaccounts@ibctech.ca> To: freebsd-questions@freebsd.org Subject: [Fwd: Re: natd -redirect_address] Message-ID: <2976.209.167.16.15.1091720885.squirrel@209.167.16.15>
next in thread | raw e-mail | index | archive | help
------=_20040805114805_47254 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit OP forgot to Cc: list... thank you so much. I found that for some reason natd was not loading at boot so I typed this ipfw -f flush ipfw add divert natd all from any to any via xl0 ipfw add pass all from any to any natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203 and it works like a dream Steve Bertrand <iaccounts@ibctech.ca> wrote: >> Hello all, >> >> I am probably missing something really stupid but here it goes. I've >> read the man pages, the handbook and even googled the problem to no avail. >> >> I am trying to set up natd to redirect public ips to my private addresses. >> >> This is what I have set up in rc.conf >> >> defaultrouter="24.97.250.201" >> gateway_enable="YES" >> hostname="gir.visionpayments.net" >> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0" >> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248" >> linux_enable="YES" >> sshd_enable="YES" >> usbd_enable="YES" >> firewall_enabled="YES" >> firewall_type="OPEN" >> natd_enabled="YES" >> natd_interface="xl0" >> natd_flags="-f /etc/natd.conf" >> >> This is what I have in natd.conf >> >> redirect_address 192.168.0.10 24.97.250.203 >> >>>From what I read in the man pages and handbook this should be all I >>> need, however, I cannot even ping 24.97.250.203. So I typed in >> >> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203 >> >> and got >> >> natd: aliasing address not given >> >> So I added >> >> ifconfig_xl0_alias0 "inet 24.97.250.203" >> >> to rc.conf and now I am able to ping that public addy but it is doesn't seem to be redirecting me to 192.168.0.10. So I typed in -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203 >> again to see what was happens and got >> natd: aliasing address not given Oh, and to further... when using -redirect_address as above, you must supply the -i (-interface) or an -alias_address statement. Try this: # natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0 or this: # natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0 Cheers, Steve >> again. am I just being a dumb n00b? wtf am I doing wrong? >> > > First off, have you confirmed natd to be functional? Can the internal machines get out to the net? > > At what point of your firewall ruleset are you diverting to natd? > > Have you tried this: > > redirect_address 192.168.0.10 0.0.0.0 > > to see if incoming traffic destined to any public IP gets redirected? > > Steve > >> >> >> >> >> --------------------------------- >> Do you Yahoo!? >> New and Improved Yahoo! Mail - 100MB free storage! >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" --------------------------------- Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! ------=_20040805114805_47254 Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="untitled-2" MIME-Version: 1.0 Content-Type: text/plain; name="untitled-2" thank you so much. I found that for some reason natd was not loading at boot so I typed this ipfw -f flush ipfw add divert natd all from any to any via xl0 ipfw add pass all from any to any natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203 and it works like a dream Steve Bertrand <iaccounts@ibctech.ca> wrote: >> Hello all, >> >> I am probably missing something really stupid but here it goes. >> I've >> read the man pages, the handbook and even googled the problem to no >> avail. >> >> I am trying to set up natd to redirect public ips to my private >> addresses. >> >> This is what I have set up in rc.conf >> >> defaultrouter="24.97.250.201" >> gateway_enable="YES" >> hostname="gir.visionpayments.net" >> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0" >> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248" >> linux_enable="YES" >> sshd_enable="YES" >> usbd_enable="YES" >> firewall_enabled="YES" >> firewall_type="OPEN" >> natd_enabled="YES" >> natd_interface="xl0" >> natd_flags="-f /etc/natd.conf" >> >> This is what I have in natd.conf >> >> redirect_address 192.168.0.10 24.97.250.203 >> >>>From what I read in the man pages and handbook this should be all I >>> need, however, I cannot even ping 24.97.250.203. So I typed in >> >> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203 >> >> and got >> >> natd: aliasing address not given >> >> So I added >> >> ifconfig_xl0_alias0 "inet 24.97.250.203" >> >> to rc.conf and now I am able to ping that public addy but it is >> doesn't seem to be redirecting me to 192.168.0.10. So I typed in >> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203 >> again to see what was happens and got >> natd: aliasing address not given Oh, and to further... when using -redirect_address as above, you must supply the -i (-interface) or an -alias_address statement. Try this: # natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0 or this: # natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0 Cheers, Steve >> again. am I just being a dumb n00b? wtf am I doing wrong? >> > > First off, have you confirmed natd to be functional? Can the internal > machines get out to the net? > > At what point of your firewall ruleset are you diverting to natd? > > Have you tried this: > > redirect_address 192.168.0.10 0.0.0.0 > > to see if incoming traffic destined to any public IP gets redirected? > > Steve > >> >> >> >> >> --------------------------------- >> Do you Yahoo!? >> New and Improved Yahoo! Mail - 100MB free storage! >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" _________________________________________________________________ Do you Yahoo!? [1]New and Improved Yahoo! Mail - Send 10MB messages! References 1. http://us.rd.yahoo.com/mail_us/taglines/10/*http://promotions.yahoo.com/new_mail/static/efficiency.html ------=_20040805114805_47254--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2976.209.167.16.15.1091720885.squirrel>