From owner-freebsd-questions Fri Nov 17 10: 7:19 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 787EB37B479 for ; Fri, 17 Nov 2000 10:07:16 -0800 (PST) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Fri, 17 Nov 2000 10:05:47 -0800 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eAHI7D122024; Fri, 17 Nov 2000 10:07:13 -0800 (PST) (envelope-from cjc) Date: Fri, 17 Nov 2000 10:07:13 -0800 From: "Crist J . Clark" To: Ken Menzel Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipfw divert few to many Message-ID: <20001117100713.A21952@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <02e701c04fef$e0d35c20$641663cf@icarz.com> <20001116232831.E9740@149.211.6.64.reflexcom.com> <016d01c050b4$50171800$641663cf@icarz.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <016d01c050b4$50171800$641663cf@icarz.com>; from kenm@icarz.com on Fri, Nov 17, 2000 at 11:34:49AM -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Nov 17, 2000 at 11:34:49AM -0500, Ken Menzel wrote: > Thanks Crist, > I did RTFM before posting but it was not clear. More specifically > freebsd2# natd -redirect_address 10.0.0.10 207.99.22.38 > natd: aliasing address not given > freebsd2# natd -redirect_address 10.0.0.10 207.99.22.38 -a > 207.99.22.11 > natd: Unable to bind divert socket.: Address already in use > > Is this because it's already running? I must restart to change these > settings? Yes. # kill `cat /var/run/natd.pid` && > natd -redirect_address 10.0.0.10 207.99.22.38 -a 207.99.22.11 > you MUST supply all the arguments in one shot to natd. I was trying > to add a host after booting, its seems it can't be done. So adding > any new "redirect" hosts to the internal network will require a > shutdown and restart of NAT and any ipfw rules? Is there now way to > use ipfw to do the redirect? You do not have to touch any firewall rules. You only need to stop and restart natd. However, that does mean you need to be _very_ careful if you are trying to do the restart remotely (you can do it, but like I said, you need to be careful). The current translation table will be lost. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message