Date: Thu, 19 Mar 2009 00:34:43 -0700 From: Julian Elischer <julian@elischer.org> To: Lin Zhao <linzhao@ustc.edu.cn> Cc: freebsd-ipfw@freebsd.org, lists@jnielsen.net Subject: Re: pls help on 3 interfaces Message-ID: <49C1F593.2050009@elischer.org> In-Reply-To: <437446889.08051@ustc.edu.cn> References: <437446889.08051@ustc.edu.cn>
next in thread | previous in thread | raw e-mail | index | archive | help
Lin Zhao wrote: > too much thx for Julian Elischer & John Nielsen..... > i've tried it, and it seems working now, > but i don't know if i'm right in setting natd2.... > i just add one line in /etc/services as "natd2 8669" > and run a command: natd -n fxp1 -p 8669 > seems so stupid. I assume you mean "simple" instead of stupid... :-) I don't think you need natd2 in /etc/services... but as long as the ipfw and natd agree in the port number it should work. You didn't say if you have nat already. but if you do then I believe natd can do more than one nat with a single instance now. (phk added that some time ago) but I have never done it, so I can not tell you how... read the man page... also the in-kernel nat available in ipfw can do this and you can also do multiple NATS with that too but once again, I haven't done it myself. > > Lin > > 在您的来信中曾经提到: >> From: John Nielsen <lists@jnielsen.net> >> Reply-To: >> To: freebsd-ipfw@freebsd.org, Lin Zhao <linzhao@ustc.edu.cn> >> Subject: Re: pls help on 3 interfaces >> Date:Wed, 18 Mar 2009 23:23:56 -0400 >> >> On Wednesday 18 March 2009 10:36:15 pm Lin Zhao wrote: >>> hi all, wish my english is enough :-) >>> my freebsd has 3 interfaces, like this, >>> >>> ---- ----switch1 >>> >>> | ---------- fxp0 | >>> | >>> | | |--------- >>> >>> internal |--------|freebsd71 | >>> >>> | rl0 | |--------- >>> | ---------- fxp1 | >>> >>> ---- ----switch2 >>> >>> we're in the internal and want to visit outside >>> we use fxp0 for default outside address and it works well >>> but for some reason, i want to use fxp1 for some special outside >>> address how can i do for it? >>> thanks a lot. >> Is the FreeBSD box performing network address translation (NAT)? I'm going >> to assume that it is and everything is being aliased through fxp0. I'm >> also assuming you're using ipfw since you wrote to the ipfw list. >> >> If the IP addresses which you'd like to reach via fxp1 are static, you >> should be able to do something like the following: >> >> Configure static routes on the FreeBSD machine for the the special outside >> addresses using the gateway of fxp1's network as the router. >> Configure an additional NAT rule (if still using natd now might be a good >> time to switch to in-kernel ipfw NAT..) to alias through fxp1. >> Configure ipfw to direct traffic to/from the special outside addresses to >> the new NAT instance instead of the default. >> >> I actually used a similar setup recently. If you care to confirm my >> assumptions above I can give you a more step-by-step guide. >> >> JN >> >> _______________________________________________ >> freebsd-ipfw@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >> > > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49C1F593.2050009>