From owner-freebsd-questions  Wed Feb 28 19:19:49 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id 7178D37B718
	for <freebsd-questions@FreeBSD.ORG>; Wed, 28 Feb 2001 19:19:45 -0800 (PST)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f213k6e06745;
	Wed, 28 Feb 2001 21:46:06 -0600 (CST)
	(envelope-from nick@rogness.net)
Date: Wed, 28 Feb 2001 21:46:06 -0600 (CST)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Peter Brezny <peter@black.purplecat.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: static nat problem
In-Reply-To: <Pine.BSF.4.05.10102281649300.28555-100000@black.purplecat.net>
Message-ID: <Pine.BSF.4.21.0102282143550.6573-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 28 Feb 2001, Peter Brezny wrote:

> I want to be able to forward all traffic coming to a specific external ip
> to a specific internal ip.
> 
> I currently have nat configured and working so that all private internal
> addresses are translated to a public ip as they leave the firewall machine
> on their way out, but after reading the man page a couple of times, i've
> been unable to set up static nat for a single public ip to private ip
> translation using just the man page as a guide.
> 
> What I've done to try and get this working is to start natd from rc.conf
> with both the -dynamic and -f /etc/natd.conf flags (see below).
> 
> /etc/natd.conf currently has a single line:
> 
> redirect_address 10.10.1.4 209.16.228.146

	Is that outside address being routed to your BSD machine from the
	outside somehow, or are you ARP'ng for it?

> 
> To try and clear up any weirdness, i've reduced my firewall to two lines:
> 
> #       BEGIN NAT TEST ENTRIES
>         $fwcmd add divert natd all from any to any via $oif
> 
>         $fwcmd add allow all from any to any
> 
> I know that natd is doing _something_ because when i remove the
> -f /etc/natd.conf
> section from rc.conf, http://209.16.228.146 gives me the default page.
> 

	Where are you testing this from, the inside or outside of the BSD
	machine?


Nick Rogness <nick@rogness.net>
- Keep on routing in a Free World...  
  "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message