Date: Sat, 21 Aug 2004 14:58:37 -0400
From: stan
Sender: Stan Brown
To: Free BSD Questions list
Message-ID: <20040821185837.GA14993@teddy.fas.com>
Subject: Can I use netgraph to change packets source address?

I'm trying to build a "vpn" from my home network to my work network. So far I've managed to get the ppp link (tunneled over ssh through socks) between a machine at work, and a machine at home.

I've added routes to the work network on the machine at home, and added routes back to the ppp machine at home from my default router machine for both the work network numbers, and the (192.168.x.x) addresses of both ends of the ppp link.

So, I can access any machine at home from the machine at work that originates the ppp link, and I can access that machine from any machine on my network at home.

So far so good, however the remaining stumbling block is getting beyond that machine at work. The packets it puts on the work network still have a source address of 192.168.x.x. And of course machines at work don't have any idea how to get packets back to that network.

I need the machine at work to do something like "reverse NAT", that is, I need for all the packets that it puts on the work network to have a src address of that machine, and I need it to be able to translate the reply packets back to 192.168.x.x.

Can I do this with netgraph or something?

--
"They that would give up essential liberty for temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin