From owner-freebsd-questions  Sat Oct 28 21:58:30 2000
Received: from ( [])
	by (Postfix) with ESMTP id 99A7B37B4C5
	for <>; Sat, 28 Oct 2000 21:58:28 -0700 (PDT)
Received: from ( [])
	by (8.9.3/8.9.3) with ESMTP id VAA91426;
	Sat, 28 Oct 2000 21:58:10 -0700 (PDT)
Message-ID: <>
Date: Sat, 28 Oct 2000 22:12:35 -0700
From: UCTC Sysadmin <>
Organization: UC Telecommunications Company
X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.1-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Peter Kasala <>
Subject: Re: Konfigure Kernel (how to make NAT work)
References: <001101c03f24$a4d10c30$3a00a8c0@slowakei>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> Peter Kasala wrote:
> Hi I run the natd program, but I don't find a configure file natd.conf, but I must rewrite this file.
> I compile the kernel with ipfw option, but I know'n compile kernel with any option natd too.
> Must I compile kernel? and witch is the option?
> If I no compile kernel where I found configure file, I must it!!

You don't need a natd.conf file if you use the defaults.
If you want to remap specific services (port numbers) to
specific addresses, you need the file. You have to write
the file. "man natd.conf" if you really need the file,
but bread-and-butter NAT you don't.
The file is /etc/natd.conf.

The flags I use for natd are -m -s -u. If you are using FreeBSD 4+,
/etc/rc.conf has labels to enable natd and you would insert those
flags in the NATD_FLAGS= label. Then I think even the /etc/rc.firewall
file will enable the necessary firewall rule for NAT.

The kernel config file, you need


I would also suggest

option IPFIREWALL_LOG_LIMIT-whatever, turn it off (don't use it)

read the LINT file to see the correct names for these options.

The LOG_LIMIT thing, you can always set a limit later using
sysctl command and if you have a 'deny log' rule to catch bad guys
you probably would like to see each and every hit logged.

To Unsubscribe: send mail to
with "unsubscribe freebsd-questions" in the body of the message