Date: Thu, 16 Nov 2000 16:18:31 +1100
From: Nick Slager
To: questions@freebsd.org
Subject: Selective NAT with userland PPP
Message-ID: <20001116161831.D50113@albury.net.au>

Is it possible to do NAT with userland PPP for only specified IP
addresses within the local network?

I've tried with filters like this in ppp.conf:

  nat enable yes
  set filter out 0 permit tcp src eq 3128
  set filter in 0 permit tcp dst eq 3128
  set filter out 1 permit 192.168.40.203 0/0
  set filter in 1 permit 0/0 192.168.40.203
  set filter out 2 permit 192.168.40.102 0/0
  set filter in 2 permit 0/0 192.168.40.102

aiming to allow full access for all to the proxy (port 3128 running on
the same box), and full NAT access for 192.168.40.203 and
192.168.40.102, but it appears to work sporadically at best.

Is this even possible, or should I abandon this and use natd/ipfw?

I'm using 4.1-RELEASE and 4.1.1-STABLE.

Nick

--
From a Sun Microsystems bug report (#4102680):
"Workaround: don't pound on the mouse like a wild monkey."