From owner-freebsd-questions Mon Mar 18 12:41:42 2002
Date: Mon, 18 Mar 2002 14:43:35 -0600 (CST)
From: Nick Rogness
To: Diego Linke - GAMK
Cc: questions@FreeBSD.ORG
Subject: Re: Advanced Routing
In-Reply-To: <20020318161526.374ae286.linke@magicwebdesign.com.br>

On Mon, 18 Mar 2002, Diego Linke - GAMK wrote:

> Hi,
>
> I had a machine with linux and a package called "ip advanced routing".
> That computer's disk got burned and then I chose to use BSD instead of
> reinstalling linux. The problem now follows:
>
> It has 3 network cards, one to the internal network (192.168.0.X),
> another to an ADSL router and the third to a leased line Internet link
> (NIC).
>
> I need to NAT the internal network, being able to choose which IPs go
> "nated" for the ADSL or for the leased line. The company's Directors
> already asked me to return to Linux, since it has "ip advanced
> routing". I'm struggling to maintain BSD on our servers, and I cannot
> believe it's not possible to perform this function under this so
> advanced system.
>

This is fairly simple to do using ipfw fwd and 2 copies of natd.
    add 100 fwd $GW_LL ip from 192.168.0.X to any out via de0
    add 101 fwd $GW_LL ip from 192.168.0.Y to any out via de0
    add 102 fwd $GW_LL ip from 192.168.0.Z to any out via de0

    add 1000 divert 8668 ip from any to any via de0
    add 2000 divert 8669 ip from any to any via de1

This ruleset assumes that your default gateway is out de0 (DSL) and
you are forwarding 192.168.0.[XYZ] out the Leased line. 2 different
instances of natd running on different ports (8668 & 8669) and
interfaces (de0 and de1). Also, $GW_LL is the next-hop address of the
leased line (via de1). So:

    # natd -p 8668 -n de0
    # natd -p 8669 -n de1

Add the above ruleset and things should work. Assuming the above
comments.

Nick Rogness
- Don't mind me...I'm just sniffing your packets
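
Added example (not part of the original message, and not Nick's code): a small sh generator that prints the ruleset above for a list of internal hosts, refusing any address outside 192.168.0.0/24 and keeping the fwd rules numbered below the divert rule at 1000. The GW_LL value and the host addresses are constructed placeholders; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: emit the ruleset from the message for a list of hosts.
# Assumption: GW_LL below is a constructed placeholder, not a real next hop.
GW_LL="${GW_LL:-203.0.113.1}"   # next-hop address of the leased line (via de1)
DSL_IF=de0                      # default route (DSL), as in the message
LL_IF=de1                       # leased line, as in the message
FIRST_FWD=100
DIVERT_DSL=1000
DIVERT_LL=2000

# valid_inside HOST: succeed only for 192.168.0.1 .. 192.168.0.254
valid_inside() {
    case "$1" in
        192.168.0.*) ;;
        *) return 1 ;;
    esac
    last=${1#192.168.0.}
    case "$last" in
        ''|*[!0-9]*) return 1 ;;   # empty, or anything but digits
    esac
    [ "${#last}" -le 3 ] && [ "$last" -ge 1 ] && [ "$last" -le 254 ]
}

# gen_rules HOST...: print the rule lines. Every host is checked before
# anything is printed, so a bad argument never yields a partial ruleset.
gen_rules() {
    # ipfw checks rules in numeric order; keep fwd rules below the diverts.
    [ "$#" -le $((DIVERT_DSL - FIRST_FWD)) ] || {
        echo "too many hosts for rules $FIRST_FWD..$((DIVERT_DSL - 1))" >&2
        return 1
    }
    for host in "$@"; do
        valid_inside "$host" || {
            echo "not an internal host: $host" >&2
            return 1
        }
    done
    n=$FIRST_FWD
    for host in "$@"; do
        echo "add $n fwd $GW_LL ip from $host to any out via $DSL_IF"
        n=$((n + 1))
    done
    echo "add $DIVERT_DSL divert 8668 ip from any to any via $DSL_IF"
    echo "add $DIVERT_LL divert 8669 ip from any to any via $LL_IF"
}
```

Calling gen_rules with the hosts that should leave via the leased line prints one fwd line per host followed by the two divert lines.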