Date: Sat, 21 Feb 2015 22:55:26 +0400 From: Konstantin Kulikov <k.kulikov2@gmail.com> To: Mason Loring Bliss <mason@blisses.org> Cc: freebsd-net@freebsd.org Subject: Re: NAT question Message-ID: <CAD%2BeXGQf-7Tehcdq7Wj70OE069pY933E91H2uNsbjHtp2Dx33A@mail.gmail.com> In-Reply-To: <20150221020818.GY24491@blisses.org> References: <20150221020818.GY24491@blisses.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello. ipfw nat 1 config ip 1.2.3.4 ipfw nat 2 config ip 1.2.3.5 ipfw nat 3 config ip 1.2.3.6 ipfw add nat 1 ip from 4.5.6.7/32 to any out via $ext ipfw add nat 2 ip from 4.5.6.0/24 to any out via $ext ipfw add nat 3 ip from 8.9.0.0/24 to any out via $ext ipfw add nat 1 ip from any to 1.2.3.4 in via $ext ipfw add nat 2 ip from any to 1.2.3.5 in via $ext ipfw add nat 3 ip from any to 1.2.3.6 in via $ext Should work (untested though). As for your dnat questing I think you want redirect_addr nat option. On Sat, Feb 21, 2015 at 5:08 AM, Mason Loring Bliss <mason@blisses.org> wrote: > Hi all. > > With iptables, I can say something like: > > -t nat -A POSTROUTING -o eth0 -s 4.5.6.7/32 -d 0/0 -j SNAT --to-source 1.2.3.4 > -t nat -A POSTROUTING -o eth0 -s 4.5.6.0/24 -d 0/0 -j SNAT --to-source 1.2.3.5 > -t nat -A POSTROUTING -o eth0 -s 8.9.0.0/24 -d 0/0 -j SNAT --to-source 1.2.3.6 > > So, traffic going out from 4.5.6.7 goes into the world sourced from 1.2.3.4, > whereas the rest of 4.5.6/24 goes as 1.2.3.5, and all of 8.9.0/24 comes out > from 1.2.3.6. > > I don't see how to do this with IPFW. I assume there's some way to do it with > the GENERIC kernel, so I'm assuming natd is deprecated, as it requires a > custom kernel, as far as I can see. > > How do I accomplish this with IPFW? Or do I need to use PF for this? Or are > those independent of the NAT after all and I want to use something else? If > that's the case, does it require natd and a custom kernel, or is there > something that works with a GENERIC kernel? (This will be 10.1, FWIW.) > > Thanks. > > -- > Love is a snowmobile racing across the tundra and then suddenly it > flips over, pinning you underneath. At night, the ice weasels come. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD%2BeXGQf-7Tehcdq7Wj70OE069pY933E91H2uNsbjHtp2Dx33A>