From owner-freebsd-net@FreeBSD.ORG  Sun Jun 30 15:33:19 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id AA520193;
 Sun, 30 Jun 2013 15:33:19 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13::5])
 by mx1.freebsd.org (Postfix) with ESMTP id 0B236119C;
 Sun, 30 Jun 2013 15:33:18 +0000 (UTC)
Received: from eg.sd.rdtc.ru (localhost [127.0.0.1])
 by eg.sd.rdtc.ru (8.14.7/8.14.7) with ESMTP id r5UFX1ri036097;
 Sun, 30 Jun 2013 22:33:01 +0700 (NOVT)
 (envelope-from eugen@grosbein.net)
Message-ID: <51D04FA8.8080900@grosbein.net>
Date: Sun, 30 Jun 2013 22:32:56 +0700
From: Eugene Grosbein <eugen@grosbein.net>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130415 Thunderbird/17.0.5
MIME-Version: 1.0
To: Sami Halabi <sodynet1@gmail.com>
Subject: Re: DNAT in freebsd
References: <CAEW+ogYp61U2zjicksYekSdfmLLZh5g9QM3GUg4n16ZbudVZtg@mail.gmail.com>
 <20130629002959.GB20376@nat.myhome>
 <CAEW+ogZ=a6LZavOtcb_egNWFQ8bJP0gzP6pc90tu1dcWC9K80A@mail.gmail.com>
 <51D006F6.6060809@grosbein.net>
 <CAEW+ogbx15KiayBHFJ7T1YVGQ2pwm1ArQaSrjUk6XUOBgVPggA@mail.gmail.com>
In-Reply-To: <CAEW+ogbx15KiayBHFJ7T1YVGQ2pwm1ArQaSrjUk6XUOBgVPggA@mail.gmail.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>,
 "Paul A. Procacci" <pprocacci@datapipe.com>,
 freebsd-ipfw <freebsd-ipfw@freebsd.org>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Jun 2013 15:33:19 -0000

On 30.06.2013 18:48, Sami Halabi wrote:
> Hi,
> I don't understand how reverse mode works exactly, and didn't find a good example.
> 
> 
> can you try and help on the configuration?

Well, that's pretty simple. Generally, NAT translates source IP address of the packet
keeping destination IP intact. You need both of source and
destination addresses get translated. Reverse NAT translates does,
well, reverse thing: it translates destination IP keeping source IP intact.
So, you just need setup two ipfw nat instances, one "general" and one "reverse"
and pass your packets through both instances.

Eugene Grosbein