From: Isaac Mushinsky
To: tyler spivey, "freebsd-questions"
Subject: Re: how to setup natd under ipf?
Date: Sun, 1 Jul 2001 00:20:18 -0400

On Saturday 30 June 2001 16:50, you wrote:
> please cc me since i am not on this list.
> how do i get nat on ipf?
> it says unknown keyword map.
> map rl0 10.0.0.0/24 -> 0/32
> it worked under ipfw.
> and i have natd_enable and all that in rc.conf.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

In your kernel config file you should have

options         IPFIREWALL
options         IPDIVERT

also possibly

options         MROUTING
options         IPFIREWALL_FORWARD
options         IPV6FIREWALL

if not, recompile kernel with these. Now use ipfw.

For example, I have 2 ethernet cards on the firewall: rl0 goes to DSL modem and dc0 to another box.
For a wide open diversion use

$ ipfw -f flush
$ ipfw add divert 8668 all from any to any via rl0
$ ipfw add allow all from any to any
$ /sbin/natd -interface rl0

To set this up on boot, here is my rc.conf:

inetd_enable="YES"
ifconfig_rl0="inet xxx.xxx.xxx.xxx netmask 255.255.255.0"    # my static IP address there
defaultrouter="xxx.xxx.xxx.1"                                # gateway from my ISP
tcp_extensions="YES"
nisdomainname="NO"
network_interfaces="ppp0 rl0 dc0 lo0"
ifconfig_dc0="inet 192.168.2.100 netmask 255.255.255.0"
ipv6_enable="YES"
firewall_enable="YES"
natd_program="/sbin/natd"
natd_interface="rl0"
natd_enable="YES"

and rc.network:

/sbin/ipfw -f flush
/sbin/ipfw add divert 8668 all from any to any via rl0
/sbin/ipfw add allow all from any to any
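
A consistency check for the setup described in this message, added here as an example and not part of the original post: it parses rc.conf and the ipfw rule lines and reports a disabled knob, a divert rule whose port or interface disagrees with natd, an allow rule that shadows the divert, and the unconditional allow-all. The function names and the embedded sample input are constructed for illustration.

```python
import re

# Constructed input mirroring the rc.conf and rc.network lines in the message.
RC_CONF = 'firewall_enable="YES"\nnatd_interface="rl0"\nnatd_enable="YES"\n'
RULES = """/sbin/ipfw -f flush
/sbin/ipfw add divert 8668 all from any to any via rl0
/sbin/ipfw add allow all from any to any
"""
NATD_PORT = "8668"                             # divert port used in the message
ALLOW = {"allow", "accept", "pass", "permit"}  # ipfw synonyms for allow


def parse_rc_conf(text):
    """Return rc.conf assignments as a dict, skipping comments and blanks."""
    pairs = re.findall(r'^[ \t]*(\w+)="?([^"\n#]*)"?', text, re.M)
    return {key: value.strip() for key, value in pairs}


def parse_rules(text):
    """Return (action, tokens) per 'ipfw add' line. Assumption: file order is
    evaluation order, i.e. rules are unnumbered or numbered ascending."""
    pat = re.compile(r'\bipfw\s+(?:-\w+\s+)*add\s+(?:\d+\s+)?(\w+)\s+(.*)')
    return [(m.group(1), m.group(2).split())
            for m in map(pat.search, text.splitlines()) if m]


def audit(rc_text, rules_text):
    """Return findings for a natd + ipfw gateway configuration."""
    rc, rules, out = parse_rc_conf(rc_text), parse_rules(rules_text), []
    for knob in ("firewall_enable", "natd_enable"):
        if rc.get(knob, "NO").upper() != "YES":
            out.append(f"{knob} is not YES")
    iface = rc.get("natd_interface")
    divert_at = next((i for i, r in enumerate(rules) if r[0] == "divert"), None)
    if divert_at is None:
        out.append("no divert rule, so natd never sees a packet")
    else:
        args = rules[divert_at][1]
        if args[0] not in (NATD_PORT, "natd"):
            out.append(f"divert port {args[0]} is not {NATD_PORT}")
        via = args[args.index("via") + 1] if "via" in args[:-1] else None
        if via != iface:
            out.append(f"divert is via {via} but natd_interface is {iface}")
    for i, (action, args) in enumerate(rules):
        if action in ALLOW and args[:1] in (["all"], ["ip"]) \
                and args[1:] == ["from", "any", "to", "any"]:
            if divert_at is not None and i < divert_at:
                out.append("allow-all precedes divert, so NAT is bypassed")
            out.append("unconditional allow-all: nothing is filtered past it")
    return out
```

Run against the configuration in the message, `audit(RC_CONF, RULES)` returns a single finding, the unconditional allow-all rule.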