From: Evgeny Ivanov
Date: Thu, 27 May 2004 09:17:21 +0300 (EEST)
To: freebsd-stable@freebsd.org
Subject: Re:Re: NATD Issue
Message-Id: <200405270617.i4R6HLOx003166@ns.networkersbg.com>
In-Reply-To: <20040526205931.GA73463@i2.informatik.rwth-aachen.de>

On 5/26/2004, "Volker Stolz" wrote:

>In local.freebsd-stable, you wrote:
>> I am having troubles with NATD.
>> I have 64 Real IP addresses and about 200 customers. I need to define
>> an address pool in order to avoid the effect that all internal IPs to be
>> visible as 1. What I have done is:
>> in rc.conf:
>> natd_enable="YES"
>> natd_flags="-f /etc/natd.conf"
>>
>> in natd.conf:
>> use_sockets yes
>> same_ports yes
>> reverse yes
>> interface fxp0
>> redirect_address 10.0.1.2 one-external-ip
>> redirect_address 10.0.1.3 two-external-ip
>
>Do you have a divert rule in your firewall ruleset to pass the
>packets to natd?
>--
>http://www-i2.informatik.rwth-aachen.de/stolz/ *** PGP *** S/MIME
>New! Change the first day of your week
>
>

Yes, I have a divert rule set up in rc.firewall. It is like this:
ipfw add 100 divert natd all from any to any via external-interface