Date: Wed, 25 May 2005 14:14:24 +0200 From: Thomas Wolf <tw@wsf.at> To: george roman <thewolfro@yahoo.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: NAT question Message-ID: <42946C20.4070805@wsf.at> In-Reply-To: <20050525115934.68740.qmail@web32906.mail.mud.yahoo.com> References: <20050525115934.68740.qmail@web32906.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
george roman wrote: > hi, > i have a small privat network and i do not want to > give internet acces to all the users in the network. > for nat, i use comand > > ipfw add divert natd all from any to any via fxp0 > > what would be the comand with whom i can restrict > acces only to certain ip addresses ? > > i tried this command > ipfw add divert natd all from 192.168.1.1/32 to any > via fxp0 > > to give access to internet only to the 192.168.1.1 ip > but it didn't work Yes, you are preventing incoming traffic from being nat'ed. Try using two rules instead: ipfw add divert natd all from any to any in recv fxp0 ipfw add divert natd all from 192.168.1.1/32 to any out xmit fxp0 Thomas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42946C20.4070805>