From: Nagilum
Date: Sat, 28 Aug 2004 11:23:32 +0200
To: stan
Cc: Free BSD Questions list
Subject: Re: Can I NAT incoming connections?
Message-ID: <41304F14.9040402@nagilum.org>
In-Reply-To: <20040827192111.GA31521@teddy.fas.com>

Hi Stan,

If you use ipnat to do the NAT you need something like that in your ipnat.conf:

rdr tun0 0/0 port 2000-2010 -> 192.168.1.20 port 2000

This would redirect the ports 2000-2010 on your gateway to the same ports on the machine 192.168.1.20 in your LAN.
If you use pf it's pretty much the same:

rdr on $ext_if proto tcp from any to any port 2000:2010 -> 192.168.1.20 port 2000:*

Check the proper man pages (ipnat.conf(5), pf.conf(5)) for the details.
I hope this helps,
kind regards,
Alex.

stan wrote:

>I've set up a ppp connection (tunneled over ssh and socks) from a machine on
>the home network to a machine at work. At home, where I have control of the
>routing tables, I've set up routes to allow all machines to use this
>link to access the machine at work.
>
>However, I want more :-). I want to be able to access the rest of the
>machines at work. To do this the packets leaving the machine at work will
>need to be NAT'ed to look like they originate _from_ that machine, and
>unNAT'ed on the way out.
>
>Is this possible?
>
>If so, can anyone point me in the direction of some documentation as to how
>to get it working? Both machines are (of course) FreeBSD machines.
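
An added example, not part of the original message: a pf.conf fragment (FreeBSD pf syntax) built around the pf redirect in the reply above, limiting which sources may use the forwarded ports and adding the filter rule that the redirected traffic still has to match. The macro names, tun0 as the external interface, and the source network 203.0.113.0/24 are assumptions.

```conf
# Added example, not from the original post. Macro names and values are assumptions.
ext_if   = "tun0"             # external interface (assumed, as in the ipnat rule)
fwd_host = "192.168.1.20"     # LAN machine named in the reply
fwd_src  = "203.0.113.0/24"   # constructed: the only network allowed to use the forward

# Translation rules go before filter rules in pf.conf.
# pf writes port ranges with a colon. "port 2000:*" on the right-hand side
# maps 2000-2010 one-to-one onto the same ports of $fwd_host.
# Matching on $fwd_src keeps the forward from being open to every source.
rdr on $ext_if proto tcp from $fwd_src to any port 2000:2010 \
        -> $fwd_host port 2000:*

# rdr only rewrites the destination. The packet is filtered afterwards,
# so the pass rule has to match the translated address, not the gateway's.
# Last matching rule wins: everything inbound is blocked and logged,
# then the forwarded range is allowed for $fwd_src only.
block in log on $ext_if all
pass in on $ext_if proto tcp from $fwd_src to $fwd_host port 2000:2010 \
        flags S/SA keep state
```

The file can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`, and `pfctl -sn` lists the translation rules that are active.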