From owner-freebsd-questions Sun Aug 31 10:12:33 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id KAA10573 for questions-outgoing; Sun, 31 Aug 1997 10:12:33 -0700 (PDT) Received: from awfulhak.demon.co.uk (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id KAA10546 for ; Sun, 31 Aug 1997 10:12:01 -0700 (PDT) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.demon.co.uk (8.8.5/8.8.5) with ESMTP id RAA04114; Sun, 31 Aug 1997 17:55:14 +0100 (BST) Message-Id: <199708311655.RAA04114@awfulhak.demon.co.uk> X-Mailer: exmh version 2.0zeta 7/24/97 To: Russell Vincent cc: freebsd-questions@FreeBSD.ORG Subject: Re: Problem with packet alias/natd In-reply-to: Your message of "Sat, 31 Aug 1997 13:13:30 +0200." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 31 Aug 1997 17:55:14 +0100 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > I am seeing an anomoly when using natd to do address translation. > > On a host (137.158.128.10): > > # ipfw a 88 divert 8888 tcp from 137.158.128.1 to 137.158.128.10 23 > 00089 divert 8888 tcp from 137.158.128.1 to 137.158.128.10 23 > # natd -v -p 8888 -a 137.158.128.10 redirect_address 137.158.128.7 0.0.0.0 > > I read that as anything received from host 137.158.128.1 to > 137.158.128.10:23 is diverted to natd, which translates the source > address to 137.158.128.10 (the aliasing machine) and destination > address to 137.158.128.7. Nope. The source address should stay the same. Natd will change the dst address to 137.158.128.7. > The natd output after a telnet from 137.158.128.1 to 137.158.128.10: > In [TCP] 137.158.128.1:1096 -> 137.158.128.10:23 aliased to > 137.158.128.1:1096 -> 137.158.128.10:23 > [ Repeated until I stop natd ] Did you really leave out the ``-'' above (before redirect_address) ? I would suggest that this is the problem :-) > Try a different tactic by picking up the alias address from the > interface (de): > > # natd -v -p 8888 -n de0 -redirect_address 137.158.128.7 0.0.0.0 > In [TCP] 137.158.128.1:1100 -> 137.158.128.10:23 aliased to > 137.158.128.1:1100 -> 137.158.128.7:23 > > Hmmm ... the interface address for de0 is the same as the '-a' address > above (137.158.128.10). > > i.e: Neither of the above works, but I get different results. > > Am I doing something wrong or perhaps expecting too much > from natd? Hmm, I suspect the missing ``-'' is just a typo here. The only thing I can see wrong with your setup is that you're not passing return traffic to natd: ipfw a 89 divert 8888 tcp from 137.158.128.10 23 to 137.158.128.1 Are you using the latest version of natd ? Version 1.5 is on Ari's site (ftp.suutari.iki.fi) or on mine (www.awfulhak.org). It's also in RELENG_2_2 & -current. > Thanks > -Russell > -- Brian , Don't _EVER_ lose your sense of humour....