From: "DINKEY,GENE (HP-Loveland,ex1)"
To: "'heistand@heistand.org'", freebsd-questions@freebsd.org
Subject: RE: bridging/natd problems
Date: Mon, 18 Dec 2000 07:16:40 -0800

This may help a bit:

I'm running FreeBSD 3.4-RELEASE

I run natd for the same reason...I have 2 NICs, ed1 (the external network) and ed2 (my internal network).

In /etc/rc.firewall:

    /sbin/ipfw -f flush
    /sbin/ipfw add divert natd all from any to any via ed1
    /sbin/ipfw add pass all from any to any

(got those from the natd man page)

and in rc.conf:

    natd_program="/sbin/natd"   # path to natd, if you want a different one.
    natd_enable="YES"           # Enable natd (if firewall_enable == YES).
    natd_interface="ed1"        # Public interface or IPaddress to use.
    natd_flags="-f /usr/local/etc/natd.conf"  # Additional flags for natd.

The /usr/local/etc/natd.conf is just my config file, I have a few ports I needed to be passed through to my windows box with no filtering so certain applications would work correctly (like dialpad.com and napster). Otherwise I have had zero problems with this, there is probably a more efficient way to do this but this has always worked for me. If you just follow the instructions in man natd you should have no problems setting this up (if you have 2 NICs at least)

Gene Dinkey
Hewlett Packard Customer Care
TCD - PA-RISC based workstations
Phone: 970.278.8732
Fax: 970.613.2257

> -----Original Message-----
> From: heistand@heistand.org [mailto:heistand@heistand.org]
> Sent: Monday, December 18, 2000 8:07 AM
> To: freebsd-questions@freebsd.org
> Subject: bridging/natd problems
>
> Hi folks,
>
> I am running a freebsd box as a bridge between a dsl modem and the rest
> of my internal network. I have some real and some fake IPs on the inside.
> The real IP machines are working just fine getting to the outside
> world but the fake ones are having problems. I am running
> natd (-s -u -m -n external_ethernet)
> and when I slap in the ipfw rule of
>
>     ipfw add divert natd all from any to any via fxp0
>
> my fake IPs work but the real IPs stop. Removing the line switches which ones
> work. I had thought perhaps a divert line of something like
>
>     ipfw add divert natd all from 10.0.0.0/8 to any via fxp0
>
> might only divert the packets from the inside fake IP machines but it doesn't work
> so I'm guessing that I am missing something.
>
> Anyone have any thoughts?
>
> thanks
>
> --
> Steve Heistand
> heistand@heistand.org
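The narrowed divert rule from the quoted question, modelled as an added example (not code from either poster or from FreeBSD): a first-match walk over ipfw-style rules shows which packets of a round trip reach natd. It assumes a routed natd gateway and does not model bridged traffic; all addresses are constructed, and `Rule`, `Packet`, `first_match` and `round_trip` are hypothetical names.

```python
import ipaddress
from collections import namedtuple

# Constructed addressing (not from the thread): 192.0.2.1 stands in for natd's
# alias (public) address, 192.0.2.10 for a "real IP" host, 198.51.100.7 for a
# remote server. Rule and Packet are hypothetical helper types for this model.
ALIAS, REMOTE = "192.0.2.1", "198.51.100.7"
PRIVATE = ipaddress.ip_network("10.0.0.0/8")
Packet = namedtuple("Packet", "src dst direction")      # direction: "in" / "out"
Rule = namedtuple("Rule", "action src dst direction")   # direction None = both

# ipfw add divert natd all from 10.0.0.0/8 to any via fxp0   (rule from the question)
NARROW = [Rule("divert", "10.0.0.0/8", "any", None),
          Rule("pass", "any", "any", None)]
# ipfw add divert natd all from 10.0.0.0/8 to any out via fxp0
# ipfw add divert natd all from any to <alias address> in via fxp0
PAIR = [Rule("divert", "10.0.0.0/8", "any", "out"),
        Rule("divert", "any", ALIAS + "/32", "in"),
        Rule("pass", "any", "any", None)]

def matches(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def first_match(rules, pkt):
    """ipfw-style evaluation: the first rule that matches decides the action."""
    for rule in rules:
        if (rule.direction in (None, pkt.direction)
                and matches(rule.src, pkt.src) and matches(rule.dst, pkt.dst)):
            return rule.action
    return "deny"

def round_trip(rules, host):
    """Return (action on the outbound packet, action on the reply)."""
    out = first_match(rules, Packet(host, REMOTE, "out"))
    translated = out == "divert" and ipaddress.ip_address(host) in PRIVATE
    # Once natd rewrites the source, the remote end replies to ALIAS, not to host.
    reply_dst = ALIAS if translated else host
    return out, first_match(rules, Packet(REMOTE, reply_dst, "in"))

if __name__ == "__main__":
    for name, rules in (("narrow", NARROW), ("pair", PAIR)):
        for host in ("10.0.0.5", "192.0.2.10"):
            print(name, host, round_trip(rules, host))
```

A reply that ends at `pass` rather than `divert` is still addressed to the alias address, so natd never translates it back to the 10.x host.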