From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 17 16:42:56 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5829416A420
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Feb 2006 16:42:56 +0000 (GMT)
	(envelope-from gregb@scls.lib.wi.us)
Received: from mail.scls.lib.wi.us (mail.scls.lib.wi.us [198.150.40.25])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B3B5B43D48
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Feb 2006 16:42:44 +0000 (GMT)
	(envelope-from gregb@scls.lib.wi.us)
Received: from [172.26.2.238] ([172.26.2.238])
	by mail.scls.lib.wi.us (8.12.9p2/8.12.9) with ESMTP id k1HGghR4023053
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Feb 2006 10:42:43 -0600 (CST)
	(envelope-from gregb@scls.lib.wi.us)
Message-ID: <43F5FD03.4080500@scls.lib.wi.us>
Date: Fri, 17 Feb 2006 10:42:43 -0600
From: Greg Barniskis <gregb@scls.lib.wi.us>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: freebsd-questions <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: question on NAT for multiple subnets
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Feb 2006 16:42:56 -0000

I'm sure I could figure this out from scrutinizing Google, the 
FreeBSD documentation, and testing in a lab, but I'm particularly 
pressed for time on finding the right answer to this.

For a long time we've been quite happy coalescing all private IP 
client requests onto a single public IP address through NAT. 
Management now wants more granularity, at least one unique public IP 
per private subnet.

Can I set up a single ipfw box that examines client source ip addrs 
and provides different public NAT addrs for each private client subnet?

Any pointers to the best way to think about this issue much 
appreciated. If the answer is ipfw doesn't handle this, but some 
other fw does, fine, I just need to know which. Thanks!


-- 
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348