From owner-freebsd-questions  Sat Aug 17 23:06:03 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id XAA26311
          for questions-outgoing; Sat, 17 Aug 1996 23:06:03 -0700 (PDT)
Received: from haywire.DIALix.COM (root@haywire.DIALix.COM [192.203.228.65])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA26303
          for <freebsd-questions@freebsd.org>; Sat, 17 Aug 1996 23:05:55 -0700 (PDT)
Received: (from news@localhost) by haywire.DIALix.COM (8.7.5/8.7.3) id OAA06644 for freebsd-questions@freebsd.org; Sun, 18 Aug 1996 14:04:43 +0800 (WST)
Received: from GATEWAY by haywire.DIALix.COM with netnews
	for freebsd-questions@freebsd.org (problems to: usenet@haywire.dialix.com)
To: freebsd-questions@freebsd.org
Date: Sun, 18 Aug 1996 15:25:02 GMT
From: mark@putte.seeware.DIALix.oz.au (Mark Hannon)
Message-ID: <DwCAtq.Lx@seeware.DIALix.oz.au>
Organization: Private FreeBSD site
Subject: Setting up ipfilter
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi,

Decided to try setting up this ipfilter for NAT.  Have the following
config.

  Windows                      FreeBSD
  machine                      machine
  knappen <---ethernet---> ed0  putte tun0 <---dialup---> ISP
      10.0.0.2          10.0.0.1     


When the dialup connection is up and running the following is valid:

putte:~> netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            146.11.7.2         UGc         3        0      tun0
10/24              link#1             UC          0        0 
10.0.0.1           127.0.0.1          UGHS        2      493       lo0
127.0.0.1          127.0.0.1          UH          1        0       lo0
146.11.7.2         146.11.7.10        UH          4        0      tun0
146.11.7.10        127.0.0.1          UH          0        0       lo0
224/4              link#1             UCS         0        0 

putte:~> ifconfig ed0
ed0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255

putte:~> ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 146.11.7.10 --> 146.11.7.2 netmask 0xffff0000 

I have compiled a kernel with a lkm from ipfilter 3.10 and loaded
it.  I have then tried ipnat as follows:

putte:~> sudo modload /lkm/if_ipl.o 
Module loaded as ID 0

putte:~> sudo ipnat -v -f ~/ipnat.conf
map ed0 10.0.0.2/8  -> 146.11.7.10/255.255.0.0
        0 0 0.0.0.0 0 0
putte:~> cat ~/ipnat.conf 
map ed0 10.0.0.2/8 -> 146.11.7.10/16

I think this is right... but I can't reach the outside world from
the windows machine, can anybody point me in the right direction??

Regards/mark

-- 
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| Mark Hannon,| FreeBSD - Free Unix for your PC| mark@seeware.DIALix.oz.au|
| Melbourne,  | PGP key available by fingering | epamha@epa.ericsson.se   |
| Australia   | seeware@melbourne.DIALix.oz.au |                          |
+-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+