Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 May 2000 08:11:11 +0200
From:      Haider Roland <r.haider@liwest.at>
To:        "'freebsd-isp@freebsd.org'" <freebsd-isp@freebsd.org>
Cc:        "'David H. Brierley'" <dave@galaxia.com>
Subject:   AW: Routing: diverting only some nets to natd
Message-ID:  <1F879C64A1A7D211B0F10004AC4C07FC119D30@OFFICE1_LIWEST>

next in thread | raw e-mail | index | archive | help
Ok, thank's for your replies.
I try to give a bit more detail, hope it's enough to make
things clearer to me.

That's the setup:

1.2.1.0/24                           (fxp1)                (fxp0)
1.2.2.0/24  Dumb    1.2.5.4/30 ---- 1.2.5.3/30 BSD proxy 1.2.6.7/25 =
----
1.2.6.1
1.2.3.0/24  Router                              Router
1.2.4.0/24

BSD proxy routing:

default 1.2.6.1
static 1.2.1.0/24 1.2.5.4
static 1.2.2.0/24 1.2.5.4
static 1.2.3.0/24 1.2.5.4
static 1.2.4.0/24 1.2.5.4

natd interface fxp0

What i want is that 1.2.1.0 & 1.2.2.0 get routed straight through to
1.2.6.1 (works) and 1.2.3.0 & 1.2.4.0 get translated to 1.2.6.7 and
then sent to 1.2.6.1.

My problem is, that as long as i use

ipfw add divert ip from any to any via fxp0

all 4 nets get translated, and if i use

ipfw add divert ip from 1.2.3.0/24 to any via fxp0
ipfw add divert ip from 1.2.4.0/24 to any via fxp0

only the routing works and nothing gets translated.

on both interfaces ip from any to any is permitted
in the first stage (want to reduce it to 1.2.1.0-
1.2.4.0 for production )

Is there a way to get this working, and, even more
important, can somebody point me the right way?

regards,

roland
=20
> -----Urspr=FCngliche Nachricht-----
> Von:	David H. Brierley [SMTP:dave@galaxia.com]
> Gesendet am:	Sonntag, 21. Mai 2000 19:54
> An:	Haider Roland
> Betreff:	Re: Routing: diverting only some nets to natd
>=20
> On Fri, 19 May 2000, Haider Roland wrote:
>=20
> > I'm a bit confused by ipfw-natd.
>=20
> I don't claim to be a natd or ipfw expert, but I have used
> both tools a fair amount.  However, it is almost impossible
> to give any kind of advice in your situation without seeing
> the exact rules that you are trying to implement.
>=20
> --=20
> David H. Brierley
>     dave@galaxia.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1F879C64A1A7D211B0F10004AC4C07FC119D30>