Date: Mon, 18 Dec 2000 07:16:40 -0800
From: "DINKEY,GENE (HP-Loveland,ex1)" <gene_dinkey@hp.com>
To: "'heistand@heistand.org'" <heistand@heistand.org>, freebsd-questions@freebsd.org
Subject: RE: bridging/natd problems
Message-ID: <F341E03C8ED6D311805E00902761278C531505@xfc04.fc.hp.com>

This may help a bit:

I'm running FreeBSD 3.4-RELEASE. I run natd for the same reason... I have 2 NICs, ed1 (the external network) and ed2 (my internal network).

In /etc/rc.firewall:

    /sbin/ipfw -f flush
    /sbin/ipfw add divert natd all from any to any via ed1
    /sbin/ipfw add pass all from any to any

(got those from the natd man page)

and in rc.conf:

    natd_program="/sbin/natd"                  # path to natd, if you want a different one.
    natd_enable="YES"                          # Enable natd (if firewall_enable == YES).
    natd_interface="ed1"                       # Public interface or IPaddress to use.
    natd_flags="-f /usr/local/etc/natd.conf"   # Additional flags for natd.

The /usr/local/etc/natd.conf is just my config file. I have a few ports I needed to be passed through to my Windows box with no filtering so certain applications would work correctly (like dialpad.com and napster).

Otherwise I have had zero problems with this. There is probably a more efficient way to do this, but this has always worked for me. If you just follow the instructions in man natd you should have no problems setting this up (if you have 2 NICs at least).

Gene Dinkey
Hewlett Packard Customer Care
TCD - PA-RISC based workstations
Phone: 970.278.8732
Fax: 970.613.2257

> -----Original Message-----
> From: heistand@heistand.org [mailto:heistand@heistand.org]
> Sent: Monday, December 18, 2000 8:07 AM
> To: freebsd-questions@freebsd.org
> Subject: bridging/natd problems
>
> Hi folks,
>
> I am running a FreeBSD box as a bridge between a DSL modem and the rest
> of my internal network. I have some real and some fake IPs on the inside.
> The real IP machines are working just fine getting to the outside
> world but the fake ones are having problems. I am running
> natd (-s -u -m -n external_ethernet)
> and when I slap in the ipfw rule of
>
>     ipfw add divert natd all from any to any via fxp0
>
> my fake IPs work but the real IPs stop. Removing the line switches which ones
> work.
> I had thought perhaps a divert line of something like
>
>     ipfw add divert natd all from 10.0.0.0/8 to any via fxp0
>
> might only divert the packets from the inside fake IP machines but it doesn't work
> so I'm guessing that I am missing something.
>
> Anyone have any thoughts?
>
> thanks
>
> --
> Steve Heistand
> heistand@heistand.org
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
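
Added example (not part of either message above): a simplified Python model of which packets each of the two divert rules quoted in the original question would hand to natd. The addresses, the fxp1 interface name and the match-on-source-and-interface-only model are assumptions of this example.

```python
import ipaddress

# Simplified model (an assumption of this example): a rule matches on source
# network and interface only. Real ipfw also checks protocol, destination,
# direction and more.
def selected(rule_src, rule_if, packets):
    """Return the labels of packets that a 'divert natd' rule would select."""
    net = None if rule_src == "any" else ipaddress.ip_network(rule_src)
    hits = []
    for label, src, iface in packets:
        if iface != rule_if:
            continue
        if net is None or ipaddress.ip_address(src) in net:
            hits.append(label)
    return hits

# Constructed packets. 10.1.2.3 stands for a "fake" (private) host,
# 192.0.2.10 for a "real" host, 203.0.113.5 for a remote server
# (documentation address ranges). fxp1 is a hypothetical inside interface.
PACKETS = [
    ("private-host request", "10.1.2.3", "fxp0"),
    ("real-host request", "192.0.2.10", "fxp0"),
    ("reply to private host", "203.0.113.5", "fxp0"),
    ("reply to real host", "203.0.113.5", "fxp0"),
    ("internal traffic", "10.1.2.3", "fxp1"),
]

def compare():
    # ipfw add divert natd all from any to any via fxp0
    broad = selected("any", "fxp0", PACKETS)
    # ipfw add divert natd all from 10.0.0.0/8 to any via fxp0
    narrow = selected("10.0.0.0/8", "fxp0", PACKETS)
    return broad, narrow

if __name__ == "__main__":
    broad, narrow = compare()
    print("from any to any via fxp0        ->", broad)
    print("from 10.0.0.0/8 to any via fxp0 ->", narrow)
```

In this model the narrowed rule selects only the outbound packets with a 10.0.0.0/8 source; replies arriving on fxp0 carry the remote server's source address, so that rule never passes them to natd.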