Date: Tue, 15 Aug 2000 17:42:40 -0500 (COT) From: Buliwyf McGraw <buliwyf@libertad.univalle.edu.co> To: freebsd-security@FreeBSD.ORG Subject: About ipnat (The revenge) Message-ID: <Pine.BSF.4.21.0008151735460.53193-100000@libertad.univalle.edu.co>
next in thread | raw e-mail | index | archive | help
Ok... im working with ipf and ipnat for do a transparent proxy and ip masquerade in the same server (FreeBSD) with just one interface. The transparent proxy is working fine... now, i want to do the masquerade for my intranet. I was reading about ipnat and i found this: (Start here) Network Address Translation (NAT) Packets coming back in the same interface are remapped, as a matter of course, to their original address information. # map all tcp connections from 10.1.0.0/16 to 240.1.0.1, changing the source # port number to something between 10,000 and 20,000 inclusive. For all other # IP packets, allocate an IP # between 240.1.0.0 and 240.1.0.255,temporarily # for each new user. In this example, ed1 is the external interface. # Use ipnat, not ipf to load these rules. # map ed1 10.1.0.0/16 -> 240.1.0.1/32 portmap tcp 10000:20000 map ed1 10.1.0.0/16 -> 240.1.0.0/24 (Finish Here) I try some rules with ipnat for masquerade my subnet 192.168.0.0 with one valid ip (e.g. 200.25.53.10)... but it wasnt work :/ Anyone can tell what rule i need for my specific case??? Thanks. ======================================================================= Buliwyf McGraw Administrador del Servidor Libertad Centro de Servicios de Informacion Universidad del Valle ======================================================================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008151735460.53193-100000>