From owner-freebsd-net Mon Jan 11 17:48:11 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA05961 for freebsd-net-outgoing; Mon, 11 Jan 1999 17:48:11 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from snowcrest.net (mtshasta.snowcrest.net [207.201.33.195]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA05955 for ; Mon, 11 Jan 1999 17:48:09 -0800 (PST) (envelope-from djewett@snowcrest.net) Received: from ws2600 (ppp456.snowcrest.net [209.148.37.88]) by snowcrest.net (8.8.5/8.8.5) with SMTP id RAA28709 for ; Mon, 11 Jan 1999 17:47:34 -0800 (PST) Message-ID: <001501be3dcd$634a8250$0afea8c0@ws2600> From: "Derek Jewett" To: Subject: natd & ipfw on multiple segments Date: Mon, 11 Jan 1999 17:46:33 -0800 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Can ipfw be used to "secure" multiple segments on the same box..? As well can I use natd to translate multiple segments Example; I have my FBSD box sitting between four segments. Local segment 192.168.254.0/24 xl0 Courthouse 192.168.19.0/24 xl1 State connection 158.96.243.0/26 xl2 Internet 209.60.81.0/26 xl3 I want to secure the 158 and 209 segments, would I just define multiple oif's in rc.firewall? There is only one "outside interface" in the file now. As well I want to translate anything from the 192 segments (private ip's) to the 158 segment, and the 209 segment since these segments use registered addressing. Would I just run natd once for each Interface? i.e. natd -interface xl2 & natd -interface xl3 Thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message