From owner-freebsd-hackers Sun Jan 12 21:49:21 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id VAA20766 for hackers-outgoing; Sun, 12 Jan 1997 21:49:21 -0800 (PST) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id VAA20725 for ; Sun, 12 Jan 1997 21:49:16 -0800 (PST) Message-Id: <199701130549.VAA20725@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA163684488; Mon, 13 Jan 1997 16:48:08 +1100 From: Darren Reed Subject: Re: IPFILTER To: brian@awfulhak.demon.co.uk (Brian Somers) Date: Mon, 13 Jan 1997 16:48:08 +1100 (EDT) Cc: chris@mail.bb.cc.wa.us, hackers@freebsd.org In-Reply-To: <199701122304.XAA08535@awfulhak.demon.co.uk> from "Brian Somers" at Jan 12, 97 11:04:02 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In some mail from Brian Somers, sie said: > > > Im setting up ipfilter to work on my system and I have it installed. > > But i need help configuring the rules so that it will actually work. > > > > > > I have two cards in the FBSD box. fxp0 and vx0 > > fpx0 is 208.8.136.10 > > vx0 is 10.16.14.1 > > > > i have a client on 10.16.14.100 and i want it to be translated to > > a 208.8.136.10 address so that it can go out. > > > > how do i do this? > > > > thanks > > > > chris coleman > > You need something like > > map tun0 10.16.14.0/24 -> 208.8.136.10 > > in /etc/natrules (say), then run 'ipnat /etc/natrules' or something like > that... I got this stuff working, but ftp DATA commands never worked and it > crashed the machine a few times. Socks, cached and ppp -alias are all far > superior ! ftp should always be done with a proxy agent. Darren