Date: Sun, 13 Jul 2003 15:03:10 -0300
From: "Vitor de Matos Carvalho" <listas@softinfo.com.br>
To: "Micheal Patterson" <micheal@cancercare.net>, <freebsd-questions@freebsd.org>
Subject: Re: IPFW + NATD
Message-ID: <006b01c34969$05671020$020aa8c0@acaraje>
References: <001901c34938$ec57f750$020aa8c0@acaraje> <069501c3495f$4a100330$0201a8c0@dredster>

Thanks for help.

My net 10.1.0.0/16 cannot see net 10.2.0.0/16.
And in my firewall, the last rule of my kernel is:

deny ip from any to any

Regards,

---------------------------------------------------
Vitor de Matos Carvalho - #5602098
Softinfo Network Administrator
+55 (71)9971-5011 / +55 (71)9986-9317
Salvador - Bahia - Brazil
FreeBSD: The silent Workhorse

----- Original Message -----
From: "Micheal Patterson" <micheal@cancercare.net>
To: <freebsd-questions@freebsd.org>
Cc: <listas@softinfo.com.br>
Sent: Sunday, July 13, 2003 1:53 PM
Subject: Re: IPFW + NATD

> ----- Original Message -----
> From: "Vitor de Matos Carvalho" <listas@softinfo.com.br>
> To: <freebsd-questions@freebsd.org>
> Sent: Sunday, July 13, 2003 7:18 AM
> Subject: IPFW + NATD
>
> > Hi,
> >
> > I have two networks: 10.1.0.0/16 and 10.2.0.0/16
> >
> > Only that I need to make the NAT for only a one network, 10.2.0.0/16.
> > Network 10.1.0.0/16 does not have external access.
> > How I configure in ipfw + natd so that this is possible?
> > My interface of exit is xl0, interface of network 10.1.0.0/16 is xl1, and
> > interface of network 10.2.0.0/16 is xl2.
> > As I configure in ipfw using natd to make nat only for net 10.2.0.0/16.
> >
> > Regards,
> >
> > ---------------------------------------------------
> > Vitor de Matos Carvalho - #5602098
> > Softinfo Network Administrator
> > +55 (71)9971-5011 / +55 (71)9986-9317
> > Salvador - Bahia - Brazil
> > FreeBSD: The silent Workhorse
>
> I would think it would be something like this:
>
> # Divert all outbound traffic through nat
> #
> ipfw add 1 divert natd all from any to any via xl0
> #
> ### Allow traffic from <> to internal networks
> #
> ipfw add 2 allow ip from 10.1.0.0/16 to 10.2.0.0/16
> ipfw add 2 allow ip from 10.2.0.0/16 to 10.1.0.0/16
> #
> ### Deny 10.1.0.0/16 traffic to anyone else
> #
> ipfw add 4 deny ip from 10.1.0.0/16 to any
> #
> ### Rest of firewall rules
> #
>
> --
>
> Micheal Patterson
> Network Administration
> Cancer Care Network
> 405-733-2230
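
Added example, not part of the thread and not code from either poster: a simplified first-match model of the rule set quoted above, used to check which rule decides each kind of packet. The `evaluate` helper, the sample addresses, numbering the final deny as 65535, and the treatment of divert (the reinjected packet continues at the next rule, with no address rewriting) are assumptions of this model.

```python
import ipaddress

# The rule set quoted above, plus the final "deny ip from any to any".
# Each rule: (number, action, source, destination, interface or None).
RULES = [
    (1, "divert", "any", "any", "xl0"),
    (2, "allow", "10.1.0.0/16", "10.2.0.0/16", None),
    (2, "allow", "10.2.0.0/16", "10.1.0.0/16", None),
    (4, "deny", "10.1.0.0/16", "any", None),
    (65535, "deny", "any", "any", None),  # assumed number for the last rule
]

def _in_net(addr, net):
    return net == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def evaluate(src, dst, iface, rules=RULES):
    """Return (verdict, rule number, diverted) for one pass through the list.

    Simplified model: rules are checked in order and the first allow/deny
    that matches ends the search. A divert match hands the packet to natd;
    the reinjected packet continues at the next rule. Address rewriting by
    natd is not modelled.
    """
    diverted = False
    for num, action, rsrc, rdst, via in rules:
        if via is not None and via != iface:
            continue
        if not (_in_net(src, rsrc) and _in_net(dst, rdst)):
            continue
        if action == "divert":
            diverted = True
            continue
        return action, num, diverted
    return "deny", None, diverted

# Constructed sample packets: (source, destination, interface of this pass).
SAMPLES = [
    ("10.1.0.5", "10.2.0.9", "xl1"),    # internal, 10.1 -> 10.2
    ("10.2.0.9", "10.1.0.5", "xl2"),    # internal, 10.2 -> 10.1
    ("10.1.0.5", "192.0.2.10", "xl1"),  # 10.1 trying to leave
    ("10.2.0.9", "192.0.2.10", "xl2"),  # 10.2 outbound, arriving on xl2
    ("10.2.0.9", "192.0.2.10", "xl0"),  # 10.2 outbound, leaving on xl0
]

if __name__ == "__main__":
    for src, dst, iface in SAMPLES:
        print(src, "->", dst, "via", iface, "=>", evaluate(src, dst, iface))
```

In this model the two internal directions are accepted at rule 2, while traffic from 10.2.0.0/16 to an outside address reaches the final deny on both interfaces, so the "Rest of firewall rules" section has to carry the allow rules for it.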