From: Peter Woods
To: freebsd-questions@FreeBSD.ORG
Date: Fri, 13 Mar 1998 07:47:10 -0600
Subject: IPFW and natd

I am setting up a FreeBSD 2.2.5 box as a test firewall system. The system has two 3Com 3c509 cards. I have successfully rebuilt my kernel with IPFW and natd appears to be running. I can successfully telnet from a computer on the private network to one on the public network, but the reverse is not true.

The public nic has two IP addresses (A.B.C.198 and A.B.C.199) and the private nic has only one (10.10.10.1). I am trying to get A.B.C.199 to be sent to 10.10.10.2, but it stops at the firewall. The firewall is set to "allow ip from any to any". (This is after all just a test.) I know I am overlooking something fairly obvious.

When I telnet from private to public, I see that natd is working properly and translating my address to A.B.C.199, but trying to telnet from the public side to A.B.C.199 only gets me to the firewall.

I started natd using:

    natd -a A.B.C.199 -redirect_address 10.10.10.2 A.B.C.199

Did I do this right?
How do I redirect more IPs? Eventually, the public nic will have several aliases, and I would like

    A.B.C.198 -> 10.10.10.2
    A.B.C.199 -> 10.10.10.3
    A.B.C.200 -> 10.10.10.4
    ...

Am I backing up the wrong tree?