From: Michael Schoensee
Date: Sat, 17 Feb 2001 23:04:27 -0600
To: questions@freebsd.org
Subject: natd -reverse

Can't bring natd to work in the "internal" interface.
Have to run the natd on the internal interface.

Scenario:

    PC1                     pc2                                        PC3
    10.10.14.13/24 === 10.10.14.254/24(rl1)  10.0.0.214/24(rl0) === 10.0.0.254
    gw 10.10.14.254         gw 10.0.0.254                              route 10.10.14.0/24 10.0.0.214

Ping from PC3 to 10.10.14.254 ok
          PC3 to 10.10.14.13 ok
Ping from PC1 to any interface ok

So adding in pc2:

    ipfw add 300 divert 8668 ip from any to any via rl1

    /root # ipfw show
    00100   7830   313200 allow ip from any to any via lo0
    00200     22      968 deny ip from any to 127.0.0.0/8
    00300      8      672 divert 8668 ip from any to any via rl1
    65535 107693 17501832 allow ip from any to any

and

    natd -v -i rl1 -reverse
    natd[1316]: Aliasing to 10.10.14.254, mtu 1500 bytes
    In  [ICMP] [ICMP] 10.10.14.13 -> 10.0.0.254 8(0) aliased to
               [ICMP] 10.10.14.254 -> 10.0.0.254 8(0)
    In  [ICMP] [ICMP] 10.10.14.13 -> 10.0.0.254 8(0) aliased to
               [ICMP] 10.10.14.254 -> 10.0.0.254 8(0)

No packets are coming back.

But:

    natd -v -n rl1
    natd[1321]: Aliasing to 10.10.14.254, mtu 1500 bytes
    In  [ICMP] [ICMP] 10.10.14.13 -> 10.0.0.254 8(0) aliased to
               [ICMP] 10.10.14.13 -> 10.0.0.254 8(0)
    Out [ICMP] [ICMP] 10.0.0.254 -> 10.10.14.13 0(0) aliased to
               [ICMP] 10.0.0.254 -> 10.10.14.13 0(0)

Natd leaves the packets untouched and I can ping from PC3 to PC1 and from PC1 to PC3.

How to analyze? Tried tcpdump.
What am I missing?