From: Lowell Gilbert
To: stan
Cc: FreeBSD Questions list
Date: 21 Aug 2004 16:12:44 -0400
Subject: Re: Can I use netgraph to change packets source address?
Message-ID: <448yc8s11f.fsf@be-well.ilk.org>
In-Reply-To: <20040821185837.GA14993@teddy.fas.com>

stan writes:

> I'm trying to build a "vpn" from my home network to my work network.
>
> So far I've managed to get the ppp link (tunneled over ssh through socks)
> between a machine at work, and a machine at home.
> I've added routes to the
> work network on the machine at home, and added routes back to the ppp
> machine at home from my default router machine for both the work network
> numbers, and the (192.168.x.x) addresses of both ends of the ppp link. So,
> I can access any machine at home from the machine at work that originates
> the ppp link, and I can access that machine from any machine on my network
> at home.
>
> So far so good, however the remaining stumbling block is getting beyond
> that machine at work. The packets it puts on the work network still have a
> source address of 192.168.x.x. And of course machines at work don't have
> any idea how to get packets back to that network.
>
> I need the machine at work to do something like "reverse NAT", that is I
> need for all the packets that it puts on the work network to have a src
> address of that machine, and I need it to be able to translate the reply
> packets back to 192.168.x.x.
>
> Can I do this with netgraph or something?

Isn't this exactly what the -nat option of ppp(8) is for?