Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Sep 2000 11:14:58 +0200 (CEST)
From:      MadDave <maddave@suxx.eu.org>
To:        Frank Bonnet <bonnetf@bart.esiee.fr>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Simple NAT config / help ?
Message-ID:  <Pine.BSF.4.21.0009231102460.342-100000@spider.suxx.eu.org>
In-Reply-To: <200009221103.e8MB3bv17350@bart.esiee.fr>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi

First you must compile a new kernel with (Some of this choices are
optional):

	options IPFIREWALL
	options IPDIVERT
	options IPFIREWALL_FORWARD
	options IPFILTER
	options IPFIREWALL_DEFAULT_TO_ACCEPT
	options DUMMYNET #If you want to use traffic shaper
	options TCP_DROP_SYNFIN

Fot NAT we use deamon called `natd` (see man page for details). Natd muse
be binded to interface which is connected to internet. Then you run natd
deamon. I run it like this: `/sbin/natd -unregistered_only -interface ed0 
-s -dynamic`. In my case ed0 is the external NIC. Then you set up `ipfw`
rules like `ipfw add divert natd ip from any to any via ed0` (change ed0
with your NIC name). Then you must also enable IP Forwarding. This is done
by `sysctl -w net.inet.ip.forwarding=1`. Then you can filter clients by
setting up a firewall (see `man ipfw`). 

Bye,
	David

On Fri, 22 Sep 2000, Frank Bonnet wrote:

> Hi
> 
> I have to setup a machine that will act as NAT server
> I don't need much rules except I want to be able to
> filter clients accesses with IP addresses and maybe also
> MAC address.
> 
> As I'm pretty new in nat/firewalling I need some basic
> examples to test my configuration.
> 
> Any help welcome
> 
> release is 4.1 and the machine is a P350 with two 
> 10/100 ethernet boards. 
> 
> Thanks for any help.
> --
> Frank Bonnet
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009231102460.342-100000>