From owner-freebsd-questions@FreeBSD.ORG Wed Jan 29 15:52:12 2014 Return-Path: <owner-freebsd-questions@FreeBSD.ORG> Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F193CCBF for <freebsd-questions@freebsd.org>; Wed, 29 Jan 2014 15:52:12 +0000 (UTC) Received: from frv198.fwdcdn.com (frv198.fwdcdn.com [212.42.77.198]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A9353187F for <freebsd-questions@freebsd.org>; Wed, 29 Jan 2014 15:52:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ukr.net; s=ffe; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References:In-Reply-To:Message-Id:Cc:To:Subject:From:Date; bh=W/2sN2hdeOL1WgIFGx3yjzjl/gJDKx1oITuVLlu3yqY=; b=kd8tFyadOqFljZlukK+UCjA03s5X4leezIdvzgw6/b9ZPawKmZh12W6ROkMVRzMaxNOor+5LSjWj3nYtE3lbsPt9EuKKE+KFgS+86w2p7O5JynpQXxVvXDCTMwYa9xJGpHC5eh/ahN57Ji/3ZoqF7ywIIpRD8W8zyGBAkw6QnsQ=; Received: from [10.10.10.35] (helo=frv35.ukr.net) by frv198.fwdcdn.com with smtp ID 1W8XQt-0007aU-LK for freebsd-questions@freebsd.org; Wed, 29 Jan 2014 17:52:07 +0200 Date: Wed, 29 Jan 2014 17:52:07 +0200 From: Vladislav Prodan <universite@ukr.net> Subject: Re[2]: Necessary to implement static NAT 1:1 To: frank2@fjl.co.uk X-Mailer: mail.ukr.net 5.0 Message-Id: <1391010653.726619904.szvwo6t9@frv35.ukr.net> In-Reply-To: <52E91B3D.4000601@fjl.co.uk> References: <1390999493.115887823.pfbg2ep5@frv35.ukr.net> <52E91B3D.4000601@fjl.co.uk> MIME-Version: 1.0 Received: from universite@ukr.net by frv35.ukr.net; Wed, 29 Jan 2014 17:52:07 +0200 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: binary Content-Disposition: inline Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/> List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 29 Jan 2014 15:52:13 -0000 > > On 29/01/2014 12:45, Vladislav Prodan wrote: > > Necessary to implement static NAT 1:1 > > > > 10.1.2.3 -> 100.1.2.3 > > 10.1.2.4 -> 100.1.2.4 > > 10.1.2.5 -> 100.1.2.5 > > 10.1.2.6 -> 100.1.2.6 > > ... > > IP addresses such an over 20k > > prompt you implement? > > > I don't understand the question exactly (I expect I will not be the only > one). natd will allow 1:1 mappings like this very easily. Are you saying > you have a lot of these and you do not want to write the config file by > hand? > > I'm not sure that FreeBSD withstand an over 20k rules of the form: ipfw nat 3 config ip 100.1.2.3 ipfw nat 4 config ip 100.1.2.4 ipfw nat 5 config ip 100.1.2.5 ipfw nat 6 config ip 100.1.2.6 ... + Two rules to handle each nat N Probably need to somehow use nat tablearg, but I do not understand logic. -- Vladislav V. Prodan System & Network Administrator http://support.od.ua +380 67 4584408, +380 99 4060508 VVP88-RIPE