From owner-freebsd-questions Thu Sep 9 0:56:52 1999 Delivered-To: freebsd-questions@freebsd.org Received: from mel.alcatel.fr (mel.alcatel.fr [212.208.74.132]) by hub.freebsd.org (Postfix) with ESMTP id 0006214D00 for ; Thu, 9 Sep 1999 00:56:47 -0700 (PDT) (envelope-from thierry.herbelot@alcatel.fr) Received: from aifhs2.alcatel.fr (mailhub.alcatel.fr [155.132.180.80]) by mel.alcatel.fr (ALCANET/SMTP) with ESMTP id IAA09102; Thu, 9 Sep 1999 08:51:45 +0200 Received: from lune.telspace.alcatel.fr (lune.telspace.alcatel.fr [155.132.144.65]) by aifhs2.alcatel.fr (ALCANET/SMTP2) with ESMTP id JAA00556; Thu, 9 Sep 1999 09:49:15 +0200 (MET DST) Received: from telss1 (telss1.telspace.alcatel.fr [155.132.51.4]) by lune.telspace.alcatel.fr (8.9.1a/8.9.1) with ESMTP id JAA12822; Thu, 9 Sep 1999 09:30:34 +0200 (MEST) Received: from alcatel.fr by telss1 (8.8.8+Sun/SMI-SVR4) id JAA19881; Thu, 9 Sep 1999 09:42:08 +0200 (MET DST) Message-ID: <37D76453.29A76A4F@alcatel.fr> Date: Thu, 09 Sep 1999 09:40:03 +0200 From: Thierry Herbelot Reply-To: thierry.herbelot@alcatel.fr Organization: ALCATEL CIT Nanterre X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: Scott Ware Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD 3.2 NATD and IPFW Advice Needed References: <000701befa6e$3a7befe0$0a02a8c0@puffinsoft.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, You may want to use the ARP proxy feature of the IP stack (this is started with a sysctl ; you can find the right variable with sysctl -a | grep proxy) TfH PS : there is also a comment on the subject in the "LINT" kernel config file Scott Ware wrote: > > FreeBSD 3.2 NATD and IPFW > > I need to be able to get a 10.x.x.x network to talk > with 2 machines on 158.116.206.159 & 160. > The main problem is the machine 159 and 160 > are very old OS9 and you can't set a default gateway > they can only reply to a 158.116.206.x. > (Please no comments on the OS9 machines) > > So what I want is to map: > 10.101.46.11 -> 158.116.206.159 > 10.101.46.12 -> 158.116.206.160 > > everything on 10.x.x.x needs to think it is talking to > 10.101.46.11 or 12 and everything on the 158.116.206.x > needs to think it is talking to 158.116.206.158 > > Before I started ipfw and natd I could talk to every > ip address on my freeBSD machine so I know that is right. > > With all the following settings nothing happens. > I try to ftp to 10.101.46.11 or 12 and > it just times out.. that I get some message from > natd saying it didn't get a reply. > but I can get from 158.116.206.158 to 158.116.206.159 and 160 > I tried natd_interface="ep1" and natd_interface="ep0" > > 10.101.46.10 > 10.101.46.11 158.116.206.159 > 10.101.46.12+-------+158.116.206.158 | > ----------------|FreeBSD|----------------------+ > ep1+-------+ep0 | > 158.116.206.160 > > Built Kernel with: > options IPFIREWALL #firewall > options IPDIVERT #divert sockets > > ?? Do I need? > ?? options IPFIREWALL_VERBOSE #print information about dropped > packets > ?? options IPFIREWALL_FORWARD #enable transparent proxy support > > /etc/rc.conf > network_interfaces="ep0 ep1 lo0" > ifconfig_ep0="inet 158.116.206.158 netmask 255.255.0.0" > ifconfig_ep1="inet 10.101.46.10 netmask 255.255.252.0" > ifconfig_ep1_alias0="inet 10.101.46.11 netmask 255.255.252.0" > ifconfig_ep1_alias1="inet 10.101.46.12 netmask 255.255.252.0" > defaultrouter="10.101.44.1" > firewall_enable="YES" > firewall_type="open" > gateway_enable="YES" > natd_enable="YES" > natd_interface="ep1" # I also Tried natd_interface="ep0" > natd_flags="-f /etc/rc.natd" > > /etc/rc.natd > same_ports yes > dynamic yes > use_sockets yes > redirect_address 158.116.206.159 10.101.46.11 > redirect_address 158.116.206.160 10.101.46.12 > > /etc/services > -Snip- > natd 8668/divert # Network Address Translation socket > -Snip- > > Please Email a reply.. > I'm not on the mailing list. > wsware@carolina.rr.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message