Date: Mon, 12 Feb 2001 19:02:30 +0200 From: Tim Priebe <tim@iafrica.com.na> To: Nick Rogness <nick@rogness.net> Cc: Ryan Thompson <ryan@sasknow.com>, phil grainger <phil@ozxpress.com.au>, isp@FreeBSD.ORG Subject: Re: ip redirection Message-ID: <3A881726.E75A96CD@iafrica.com.na> References: <Pine.BSF.4.21.0102112150530.31897-100000@cody.jharris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I suspect that nat is the solution to your problem. For this to work, all of your outgoing traffic, and your incoming traffic via the satellite feed must pass through the FreeBSD box. You then via nat change the source address for the protocols you want to come in via the satellite link. Tim. Nick Rogness wrote: > On Sun, 11 Feb 2001, Ryan Thompson wrote: > > > phil grainger wrote to isp@FreeBSD.ORG: > > > > > hi, > > > our isp recently got a satellite feed and i managed to get the squid > > > talking via the sat ip's ... > > > > > > no i am wanting to use the satellite for incoming ftp and incoming napster > > > traffic. > > > > > Incoming to your machine in via the sat? or incoming to your BSD > machine out via the sat from your clients? > > > > our servers run a 203. (land line) and 209. (satellite) networks our > > > clients use > > > 203. ip's > > You didn't provide enough details for anyone to help you. How is > your BSD machine connected, how are your clients connected? > > > > > > > our clients gateway is a freebsd 3-stable machine although i can change that > > > to a linux 2.2 box (of course i would prefer the freebsd solution!) > > > > > > the freebsd box is running ipnat and ipfw > > ipfw fwd X.X.X.X tcp from any to any 21 > > Where X.X.X.X is the ip of the next hop Sat router IP. Of course, > I am assuming that outbound ftp be redirected because I still > don't see how your network is laid out... > > I need more details. > > > > > I think you're making this more complicated than it should be. You can't > > route specific ports with IP--you can only route subnets. (Imagine how > > Sure you can, otherwise things like transparent proxy > suuport would not be doable. It's just not a good idea...most of > the time. For this implementation it is perfectly doable. > > > large routing tables would get if multiplexed by 64K possible port > > addresses :-) > > Of course you wouldn't do that on BGP ;-) > > Nick Rogness <nick@rogness.net> > - Keep on routing in a Free World... > "FreeBSD: The Power to Serve!" > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A881726.E75A96CD>