From owner-freebsd-hackers  Mon Dec 15 14:48:59 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id OAA23451
          for hackers-outgoing; Mon, 15 Dec 1997 14:48:59 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from server.local.sunyit.edu (A-T34.rh.sunyit.edu [150.156.210.241])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA23439
          for <freebsd-hackers@FreeBSD.ORG>; Mon, 15 Dec 1997 14:48:42 -0800 (PST)
          (envelope-from perlsta@cs.sunyit.edu)
Received: from localhost (perlsta@localhost)
	by server.local.sunyit.edu (8.8.8/8.8.5) with SMTP id RAA01218;
	Mon, 15 Dec 1997 17:45:19 -0500 (EST)
X-Authentication-Warning: server.local.sunyit.edu: perlsta owned process doing -bs
Date: Mon, 15 Dec 1997 17:45:19 -0500 (EST)
From: Alfred Perlstein <perlsta@cs.sunyit.edu>
X-Sender: perlsta@server.local.sunyit.edu
To: Dmitry Baranov <dima@stv.ee>
cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: Internal network->Internet
In-Reply-To: <3495499E.621A5474@stv.ee>
Message-ID: <Pine.BSF.3.96.971215173855.22305A-100000@server.local.sunyit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

you should look into the program 'NATd' it's in the ports collection,
i have a semi-helpful webpage up that might be of help to you:

www.cs.sunyit.edu/~perlsta

click on the unix link. then look at the info

you will have to understand the what protocols are being used by the
product...

NATd rules because it's very transparent, FTP, IRC and a LOT of otherstuff
work with it, however weird stuff using UPD transport will probably break,
and if you NEED it to work you will only have one machine capable of
resonding....

on another note, NATd allows 'tunneling' of requests to be passed to other
machines, ie. you telnet to machine A and it completes a circut to machine
B.... it's all very neeto.

.________________________________________________________________________ __ _
|Alfred Perlstein - Programming & SysAdmin --"Have you seen my FreeBSD tatoo?"
|perlsta@sunyit.edu                        --"who was that masked admin?"
|http://www.cs.sunyit.edu/~perlsta
:
'

On Mon, 15 Dec 1997, Dmitry Baranov wrote:

> Hello.
> I have an internal subnet like 192.168.X.X and only a handful of real
> ip adresses.
> I whant to allow machines from internal networks get services from
> Internet.
> I install squid proxy for ftp and http service. Nntpcache for news.
> But can somebody helps me how can I allow icq traffgic ?
> I tried SOCKS 5 with no effect.
> 
> Dmitry Baranov
> 
>