Date:      Tue, 10 Jul 2001 15:15:10 -0700 (PDT)
From:      Julian Elischer <julian@elischer.org>
To:        Peter Warrick <peter@guest-tek.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: IPFW and NATD
Message-ID:  <Pine.BSF.4.21.0107101511220.54942-100000@InterJet.elischer.org>
In-Reply-To: <200107102003.OAA19966@mail.guest-tek.com>

You need to divert both directions.

On Tue, 10 Jul 2001, Peter Warrick wrote:

> I was referred to you by an Archie Cobbs who I guess did some of the 
> ipfw code in FreeBSD? I have a question that I'm hoping someone over on 
> your end might be able to help me with. I apologize if this email has 
> reached the wrong person btw. :)
> 
> I have set up a server with 2 NIC cards and have natd running on en0 
> (natd -interface en0). When I execute the ipfw command....
> 
> ipfw add divert natd all from any to any via en0
> 
> everything works fine and all my computers behind my server are able to 
> get out to the Internet. But when I try to just divert one IP on my 
> private network it doesn't work. I need this functionality to be able to 
> specify only certain machines to be nated. The command I used was...
> 
> ipfw add divert natd all from 192.168.1.2 to any via en0

Unfortunately, as you don't know what the outgoing session looks like, you
have to divert all incoming packets to natd to let it take its pick.

ipfw add divert natd ip from any to <my external address> in recv en0

This assumes that natd is set up to allow non-matching packets to proceed on
their way.

> 
> 192.168.1.2 is the IP of the local machine behind my server and the IP 
> of en1 which this machine is connected to is 192.168.1.1 which I have 
> set up as my gateway on my local machine.
> 
> Do you have any ideas why this doesn't work or what I have done wrong? 
> Do I need to type in another command?
> 
> Thank you for your time and any help you might be able to provide.
> 
> Peter Warrick.
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
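
The following is an added example, not part of the original message: a simplified Python model of the two divert rules from the thread, showing why a reply never reaches 192.168.1.2 when only the outbound rule is installed. The addresses 203.0.113.10 and 198.51.100.7, the port numbers, and all function and class names are constructed for illustration; the model ignores everything natd does beyond address and port rewriting.

```python
# Simplified model (added example): ipfw divert rules feeding a natd-like alias table.
EXT = "203.0.113.10"      # constructed external address of en0
INSIDE = "192.168.1.2"    # the one host to be NATed (from the thread)
REMOTE = "198.51.100.7"   # constructed Internet host

class Natd:
    """Tracks aliased sessions; passes non-matching packets through unchanged."""
    def __init__(self):
        self.sessions = {}    # (remote ip, remote port, alias port) -> (inside ip, port)
        self.next_port = 40000

    def outbound(self, pkt):
        # Rewrite the source to the external address and remember the session.
        self.next_port += 1
        self.sessions[(pkt["dst"], pkt["dport"], self.next_port)] = (pkt["src"], pkt["sport"])
        return dict(pkt, src=EXT, sport=self.next_port)

    def inbound(self, pkt):
        # Restore the inside destination if this packet belongs to a known session.
        hit = self.sessions.get((pkt["src"], pkt["sport"], pkt["dport"]))
        if hit is None:
            return pkt        # not ours: let it proceed on its way
        return dict(pkt, dst=hit[0], dport=hit[1])

def rule_out(pkt, direction):
    # Models: ipfw add divert natd all from 192.168.1.2 to any via en0
    return pkt["src"] == INSIDE

def rule_in(pkt, direction):
    # Models: ipfw add divert natd ip from any to <my external address> in recv en0
    return direction == "in" and pkt["dst"] == EXT

def en0(pkt, direction, rules, natd):
    """Pass one packet crossing en0 through the divert rules; return the result."""
    if any(rule(pkt, direction) for rule in rules):
        return natd.outbound(pkt) if direction == "out" else natd.inbound(pkt)
    return pkt

def round_trip(rules):
    """Send one request from INSIDE to REMOTE; return the reply's final destination."""
    natd = Natd()
    req = en0({"src": INSIDE, "sport": 5555, "dst": REMOTE, "dport": 80}, "out", rules, natd)
    reply = {"src": REMOTE, "sport": 80, "dst": req["src"], "dport": req["sport"]}
    return en0(reply, "in", rules, natd)["dst"]

if __name__ == "__main__":
    print("outbound rule only:", round_trip([rule_out]))           # stays at EXT
    print("both directions   :", round_trip([rule_out, rule_in]))  # reaches INSIDE
```

With only the outbound rule, the reply is addressed to the external address and matches no divert rule, so natd never gets the chance to translate it back.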



