From owner-freebsd-ipfw@FreeBSD.ORG  Sun Jun 30 20:27:02 2013
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 98A81BC1;
 Sun, 30 Jun 2013 20:27:02 +0000 (UTC)
 (envelope-from sodynet1@gmail.com)
Received: from mail-pd0-x231.google.com (mail-pd0-x231.google.com
 [IPv6:2607:f8b0:400e:c02::231])
 by mx1.freebsd.org (Postfix) with ESMTP id 704C11AB1;
 Sun, 30 Jun 2013 20:27:02 +0000 (UTC)
Received: by mail-pd0-f177.google.com with SMTP id p10so2089017pdj.22
 for <multiple recipients>; Sun, 30 Jun 2013 13:27:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=TfDgrVxJL97/2ej+sxQZasnhfjjOL9gNarzZM+NA4n8=;
 b=jW/dN86WSgISpahtrkT8TKVqJSQcTVj+vnK7BMKE3rkUqCA6X0zXFaFVYaAWeH5+zY
 lN73zJlGVji1Ai4vygaolf3lNkzD/3vR9/vFzvW1OM7oArTTYXt+wQnZmTaaYDspz/7u
 c2dPbE8jXqwP/dvqoGGPEGeh6tCNir4HuSzceyWgXHpvfInVAtMtnxsOX6nkE2gU7640
 6Eo/xFhpJHD9f5dtAbCipoaGhVh0PSP0/PVLpGS97LONQ5nOYo5pfnLGQtIgZpMBiGEN
 q5J7mCgpLDow606GkiYjcHRlAiSXQIh9+J7ZD4fBhAu6jTuLHxJsHwFlP2YkAeQrVaZL
 7ycw==
MIME-Version: 1.0
X-Received: by 10.66.179.78 with SMTP id de14mr20399981pac.18.1372624022285;
 Sun, 30 Jun 2013 13:27:02 -0700 (PDT)
Received: by 10.70.71.7 with HTTP; Sun, 30 Jun 2013 13:27:02 -0700 (PDT)
In-Reply-To: <51D04FA8.8080900@grosbein.net>
References: <CAEW+ogYp61U2zjicksYekSdfmLLZh5g9QM3GUg4n16ZbudVZtg@mail.gmail.com>
 <20130629002959.GB20376@nat.myhome>
 <CAEW+ogZ=a6LZavOtcb_egNWFQ8bJP0gzP6pc90tu1dcWC9K80A@mail.gmail.com>
 <51D006F6.6060809@grosbein.net>
 <CAEW+ogbx15KiayBHFJ7T1YVGQ2pwm1ArQaSrjUk6XUOBgVPggA@mail.gmail.com>
 <51D04FA8.8080900@grosbein.net>
Date: Sun, 30 Jun 2013 23:27:02 +0300
Message-ID: <CAEW+ogZQ1bHOBNvxkLqnFRrR_b4=e+Yx9wUjWC8YYr__QsBe3w@mail.gmail.com>
Subject: Re: DNAT in freebsd
From: Sami Halabi <sodynet1@gmail.com>
To: Eugene Grosbein <eugen@grosbein.net>
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>,
 "Paul A. Procacci" <pprocacci@datapipe.com>,
 freebsd-ipfw <freebsd-ipfw@freebsd.org>
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Jun 2013 20:27:02 -0000

Hi Eugene,

It simply doesn't work for me, the reverse option doesn't work properly for
me.... it keeps translating the source instead of the destination...


On Sun, Jun 30, 2013 at 6:32 PM, Eugene Grosbein <eugen@grosbein.net> wrote:

> On 30.06.2013 18:48, Sami Halabi wrote:
> > Hi,
> > I don't understand how reverse mode works exactly, and didn't find a
> good example.
> >
> >
> > can you try and help on the configuration?
>
> Well, that's pretty simple. Generally, NAT translates source IP address of
> the packet
> keeping destination IP intact. You need both of source and
> destination addresses get translated. Reverse NAT translates does,
> well, reverse thing: it translates destination IP keeping source IP intact.
> So, you just need setup two ipfw nat instances, one "general" and one
> "reverse"
> and pass your packets through both instances.
>
> Eugene Grosbein
>
>
>


-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert