From owner-freebsd-questions  Wed Jan 28 23:34:07 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA19547
          for questions-outgoing; Wed, 28 Jan 1998 23:34:07 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from gilberto.physik.RWTH-Aachen.DE (gilberto.physik.rwth-aachen.de [137.226.30.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA19517
          for <freebsd-questions@FreeBSD.ORG>; Wed, 28 Jan 1998 23:34:02 -0800 (PST)
          (envelope-from kuku@gilberto.physik.RWTH-Aachen.DE)
Received: (from kuku@localhost)
	by gilberto.physik.RWTH-Aachen.DE (8.8.7/8.8.7) id IAA10253;
	Thu, 29 Jan 1998 08:38:49 GMT
	(envelope-from kuku)
Message-ID: <19980129083848.27473@gil.physik.rwth-aachen.de>
Date: Thu, 29 Jan 1998 08:38:48 +0000
From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>
To: Brian Somers <brian@Awfulhak.org>
Cc: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>,
        freebsd-questions@FreeBSD.ORG, chrisa@commlet.com
Subject: Re: natd/libalias question
References: <19980128101330.57483@gil.physik.rwth-aachen.de> <199801282039.UAA09574@awfulhak.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.81e
In-Reply-To: <199801282039.UAA09574@awfulhak.org>; from Brian Somers on Wed, Jan 28, 1998 at 08:39:00PM +0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG
X-To-Unsubscribe: mail to majordomo@FreeBSD.org "unsubscribe questions"

On Wed, Jan 28, 1998 at 08:39:00PM +0000, Brian Somers wrote:
> [.....]
> > It works!
> > 
> > With the following /etc/rc.firewall:
> > 
> > /sbin/ipfw -f flush
> > /sbin/ipfw add divert natd all from any to any via le0
> > /sbin/ipfw add divert natd all from any to any via ipi0
> > /sbin/ipfw add pass all from any to any
> > 
> > And the following natd start line:
> > 
> > natd -redirect_address 192.168.1.114 0.0.0.0 -n ipi0
> > 
> > I still have to understand why this natd line makes it work for any
> > host on my local network, though :-)
> 
> I'm surprised the first line doesn't break things :-|  It's not 
> necessary and shouldn't really be there.

You mean the second line, don't you? :

"/sbin/ipfw add divert natd all from any to any via le0"

> 
> All natd is doing is altering all outgoing packets so that their src 
> address is that of the interface, and then un-altering packets that 
> come back in.
> 
> > -- 
> > Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de
> 
> -- 
> Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
>       <http://www.Awfulhak.org>
> Don't _EVER_ lose your sense of humour....
> 

-- 
--Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de