From owner-freebsd-questions Thu Feb 17 1:29:35 2000 Delivered-To: freebsd-questions@freebsd.org Received: from vail.net (vail.net [199.45.148.10]) by hub.freebsd.org (Postfix) with ESMTP id 899C337B624; Thu, 17 Feb 2000 01:29:30 -0800 (PST) (envelope-from ivanfetch@technologist.com) Received: from gatekeeper.cfcc.com (cfcc.com [204.144.216.251]) by vail.net (8.9.3/8.9.3) with ESMTP id CAA11443; Thu, 17 Feb 2000 02:24:47 -0700 (MST) Received: from ibis.ivanfetch.tzo.com (168.191.167.85 [168.191.167.85]) by gatekeeper.cfcc.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.1960.3) id FB03WJ6A; Thu, 17 Feb 2000 02:33:15 -0700 Date: Thu, 17 Feb 2000 02:28:00 -0700 (MST) From: Ivan Fetch X-Sender: ifetch@ibis.ivanfetch.tzo.com To: Jeff Lush Cc: freebsd-ipfw@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: natd -dynamic question In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, The -dynamic option basically watches for IP address changes on your "public" interface so that natd can make appropriate changes in it's address translations. This is exactly what you want for a DHCP address, which will probably change from time-to-time. If the dhcp address changes and you do not use -dynamic, natd will still be trying to forward using the old dhcp address. Your configuration can look something like this (as I do not know exactly what release of FreeBSD you are running this could be slightly different but I doubt it): in /etc/rc.conf: natd_enable="YES" # Enable natd natd_interface="ed1" # THe public interface to the Internet, replace with # your real one natd_flags="-f /etc/natd.conf" # Read more flags from this file Now we can put other natd rules in /etc/natd.conf to make life easier - This goes in /etc/natd.conf: unregistered_only yes dynamic If you have IP addresses on your internal network that are of the unregistered range of addresses (i.e. 192.168.0.X) those will now automatically be forwarded by natd. Hope this helps, Ivan. On Thu, 10 Feb 2000, Jeff Lush wrote: > Hello all, > > I would like to try setting up natd/ipfw for use behind a DHCP server, and > was wondering what the -dynamic option for natd did? Any ideas would be > appreciated. > > Thanks, > > Jeff Lush > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message