From owner-freebsd-questions Tue Jul 7 16:29:17 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA19212 for freebsd-questions-outgoing; Tue, 7 Jul 1998 16:29:17 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA19200 for ; Tue, 7 Jul 1998 16:29:11 -0700 (PDT) (envelope-from julian@whistle.com)
Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id QAA23378; Tue, 7 Jul 1998 16:23:37 -0700 (PDT)
Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpd023373; Tue Jul 7 23:23:31 1998
Date: Tue, 7 Jul 1998 16:23:26 -0700 (PDT)
From: Julian Elischer
To: "Daniel M. Eischen"
cc: questions@FreeBSD.ORG
Subject: Re: NATD problems
In-Reply-To: <199807072106.QAA24268@iworks.interworks.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

divert/ipfw went through a rough patch around then in 2.2
make sure you have new versions of:
ip_fw.c, ip_divert.c, ip_input.c and ip_output.c

On Tue, 7 Jul 1998, Daniel M. Eischen wrote:

>
> I can't get NATD to properly translate addresses. Can
> someone point out what I'm doing wrong? BTW, this is all
> on a 2.2-stable system CVSup'd and make world'd on or
> around June 28th.
>
> I've got the following IPFW rules:
>
>   bash# ipfw show
>   00100 88 7738 allow ip from any to any via lo0
>   00110 0 0 deny ip from any to 127.0.0.0/8
>   00200 18 1512 divert 6668 ip from any to any via ep0
>   00600 128437 30529826 allow ip from any to any
>
> ep0 is the private interface (192.168.x.y) and de0 and de1
> are public interfaces. de1 is our connection to the outside world,
> while de0 is another small subnet, both with legal addresses.
>
>   de0: flags=8843 mtu 1500
>           inet 153.11.109.129 netmask 0xffffff80 broadcast 153.11.109.255
>           ether 00:80:c8:3e:34:02
>           media: autoselect (10baseT/UTP) status: active
>   de1: flags=8843 mtu 1500
>           inet 153.11.109.11 netmask 0xffffffc0 broadcast 153.11.109.63
>           ether 00:c0:d1:30:08:02
>           media: autoselect (10baseT/UTP) status: active
>   ep0: flags=8843 mtu 1500
>           inet 192.168.254.1 netmask 0xffffff00 broadcast 192.168.254.255
>           ether 00:a0:24:0a:ed:f6
>
> If I try to ping a system on the de1 network from the ep0 network,
> I can see this from NATD.
>
>   bash# natd -l -v -interface de1
>
>   In [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
>             192.168.254.2 -> 153.11.109.1
>   Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
>              153.11.109.11 -> 192.168.254.2
>   In [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
>             192.168.254.2 -> 153.11.109.1
>   Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
>              153.11.109.11 -> 192.168.254.2
>   In [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
>             192.168.254.2 -> 153.11.109.1
>   Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
>              153.11.109.11 -> 192.168.254.2
>
> How do I get it to change the In addresses?
>
> Thanks
>
> Dan Eischen
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>