From owner-freebsd-questions@FreeBSD.ORG Thu Jan 12 15:53:12 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9F9016A420 for ; Thu, 12 Jan 2006 15:53:11 +0000 (GMT) (envelope-from cgross@2blc.Com) Received: from bruce.cnv.fr (bruce.cnv.fr [84.96.23.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id BF6A943D4C for ; Thu, 12 Jan 2006 15:53:05 +0000 (GMT) (envelope-from cgross@2blc.Com) Received: from localhost (localhost [127.0.0.1]) by bruce.cnv.fr (Postfix) with ESMTP id BBE706D667; Thu, 12 Jan 2006 16:53:03 +0100 (CET) Received: from bruce.cnv.fr ([127.0.0.1]) by localhost (bruce.cnv.fr [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 13532-06; Thu, 12 Jan 2006 16:52:54 +0100 (CET) Received: from PRTCEDRICXP (prt-cedricxp.cnv.local [10.0.0.31]) by bruce.cnv.fr (Postfix) with ESMTP id 9D0CF6F19C; Thu, 12 Jan 2006 16:52:51 +0100 (CET) From: "cedric Gross" To: , Date: Thu, 12 Jan 2006 16:53:50 +0100 Organization: 2BLC MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Office Outlook, Build 11.0.6353 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 In-Reply-To: thread-index: AcYXkFoKNnnLL7nYRpy06e6TsnjRTgAAFPbQ Message-Id: <20060112155251.9D0CF6F19C@bruce.cnv.fr> X-Virus-Scanned: by amavisd-new at cnv.fr Cc: Subject: RE: IpNat and 3 NIC X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 15:53:12 -0000 Thanks you, it's working ! But why using vr0 instead of vr1 for map instruction ? Network 192.168.0.32/27 is attach to vr1 not vr0 ... Is it an IPNat mystery or have you an answer ? > -----Message d'origine----- > De : owner-freebsd-questions@freebsd.org=20 > [mailto:owner-freebsd-questions@freebsd.org] De la part de fbsd_user > Envoy=E9 : jeudi 12 janvier 2006 16:43 > =C0 : cedric Gross; freebsd-questions@freebsd.org > Objet : RE: IpNat and 3 NIC >=20 > You have ipnat statements wrong. should be liked this >=20 > map vr0 10.0.0.0/8 -> 0.32 proxy port ftp ftp/tcp > map vr0 10.0.0.0/8 -> 0.32 portmap tcp/udp 20000:60000 > map vr0 10.0.0.0/8 -> 0.32 > map vr0 192.168.0.0/30 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.32/27 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.32/27 -> 0.32 > map vr0 192.168.0.96/27 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.96/27 -> 0.32 > rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp >=20 > Note map vr1 has been changed to vr0 >=20 > If your public IP 84.96.23.106 is not dedicated to you by your ISP, > then you should not be hard coding it in your IPnat rules. Read the > Freebsd ipfilter documentation in the handbook for details. >=20 > 0.32 =3D The IP address/netmask assigned by your ISP. > The special keyword 0.32 tells ipnat to get the current > public > IP address of the interface specified on this statement and > substitute it for the 0.32 keyword. >=20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of cedric > Gross > Sent: Thursday, January 12, 2006 9:58 AM > To: freebsd-questions@freebsd.org > Subject: IpNat and 3 NIC >=20 >=20 > Hello, >=20 > I have my FreeBSD 5.4 box with 3 NIC : >=20 > Xl0 LAN with network 10.0.0.0/8 and 192.168.0.0/30 > VR0 Wan 84.96.23.106/32 > VR1 LAN with network 192.168.0.32/27 and 192.168.0.96/27 >=20 > I use IPNAT and Ip filter. >=20 > I'm doing NAT from Xl0 to Vr0, it's working fine >=20 > I'm trying to do the same thing with vr1 to Vr0 but it's seems that > traffic > coming from vr1 are not translated. > Is there a interface limitation with IPNAT ? >=20 > Is there a way to do translation from both NIC ? >=20 > Here is my ipnat.conf : > map vr0 10.0.0.0/8 -> 84.96.23.106/32 proxy port ftp ftp/tcp > map vr0 10.0.0.0/8 -> 84.96.23.106/32 portmap tcp/udp 20000:60000 > map vr0 10.0.0.0/8 -> 84.96.23.106/32 > map vr0 192.168.0.0/30 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.32/27 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.32/27 -> 84.96.23.106/32 > map vr1 192.168.0.96/27 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.96/27 -> 84.96.23.106/32 > rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp >=20 > Thanks for help. > Cedric >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" >=20