From: "Alexandre \"Sunny\" Kovalenko"
To: Cian Hughes
Cc: freebsd-current@freebsd.org
Date: Thu, 23 Feb 2006 19:22:10 -0500
Subject: Re: Networking Puzzle

On Sat, 2006-02-18 at 22:42 +0000, Cian Hughes wrote:
> Here is one for those of you that like a challenge:
> I have a FreeBSD 7-current box; it has two interfaces, rl0 (connected
> to wireless link) and rl1 (LAN).
> rl0 has no addresses.
> I run PPPoE on rl0, which gives me a static IP address (let's call
> this 1.2.3.4) and Default Gateway.
> I also have a /29 of public IPs which are routed through this address;
> the first address x.x.x.1 is assigned to rl1.
>
> The normal setup is a Cisco router on the wireless link, and all
> computers route through it (but my Cisco router is broken).
>
> Any traffic originating from 1.2.3.4 and going to the outside world
> is blocked by an upstream firewall that I have no control over;
> anything in my public range has no upstream firewalling.
>
> Sysctl is set to forward packets, and machines on the LAN with public
> IPs in my range work as expected.
>
> However, if I do something like this:
> ping freebsd.org
> it fails because the packets automatically originate from 1.2.3.4.
>
> If I do this:
> ping -S x.x.x.1 freebsd.org (thus setting the src address to a
> non-firewalled IP)
> it all goes fine and the packets return.
>
> Inbound connections (e.g. ssh) from the internet to x.x.x.1 work, but
> obviously any web access from my FreeBSD box fails.
>
> My Question: How do I set the src address for all outbound packets
> originating on my machine to x.x.x.1 instead of 1.2.3.4 when they are
> passing through my PPPoE tunnel?
>
> BTW this is not a show stopper for me, I have placed an old PII
> machine between my server and the PPPoE tunnel, which solves it. I'm
> just curious as to whether or not there is a solution.
>
> Regards, Cian.

If I did not understand your setup, I do apologize, but it looks like

    natd -a x.x.x.1

should do the trick.
Make sure that you either have

    options IPDIVERT #divert sockets

in your kernel configuration, or

    kldload ipdivert

or better yet, read 'man natd' ;)

--
Alexandre "Sunny" Kovalenko (Олександр Коваленко)