Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 31 Dec 1999 09:32:58 -0700
From:      "Jeff Lush" <jeff@nerdpower.com>
To:        <freebsd-questions@freebsd.org>
Subject:   NATD question
Message-ID:  <NDBBKIMGBBOBEOPLFCHIMEDHCFAA.jeff@nerdpower.com>
next in thread | raw e-mail | index | archive | help 
Hello,

I have a question about NATD, and am looking for some advice. I would like
to setup a firewall/NAT box for a small LAN. I have setup and used FreeBSD
3.2 and 3.3 for this in the past without problems. This time; however, I
need to put a mail server behind the firewall/NAT box. Here's the
description:

There are 2 public IPs available:
139.142.150.29 - assigned for mail in MX record
139.142.150.39 - assigned for NAT/LAN traffic

Private IP scheme:
192.168.1.1 - mail server behind firewall

Two NICs:
de0 - public
de1 - private

My proposed solution is to redirect 139.142.150.29 to 192.168.1.1 using the
'redirect_address' option.

In the rc.conf:
-
ifconfig_de0="inet 139.142.150.39 netmask 255.255.255.0"
ifconfig_de0_alias="inet 139.162.150.39 netmask 255.255.255.0"
ifconfig_de1="inet 192.168.1.254 netmask 255.255.255.0"

natd_program="/bin/natd -redirect_address 192.168.1.1 139.162.150.29"
-

My firewall ruleset first passes everything to natd and allows for port 25
traffic to be passed into and out of the LAN (pop3 support is only needed
within the LAN).

My questions are:

1. Will this work?
2. Do I need to add additional comments to '-redirect_address'? Such as:
-redirect_address 192.168.1.1 139.162.150.29 #redirect traffic to mail
server
-redirect_address 0.0.0.0 139.162.150.39 #redirect traffic to LAN - Is this
necessary?

My biggest challenge is that I must build this and set it up in a remote
area, so testing will be difficult. If I have missed any information, please
let me know and I will provide it. Any comments on what I have said here
would be most appreciated.

Thanks,

Jeff Lush



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBKIMGBBOBEOPLFCHIMEDHCFAA.jeff>