From owner-freebsd-net Tue Feb 27 5: 6:51 2001 Delivered-To: freebsd-net@freebsd.org Received: from mip.co.za (puck.mip.co.za [209.212.106.44]) by hub.freebsd.org (Postfix) with ESMTP id A9BE937B71C for ; Tue, 27 Feb 2001 05:06:39 -0800 (PST) (envelope-from patrick@mip.co.za) Received: from patrick (patrick.mip.co.za [10.3.13.181]) by puck.mip.co.za (8.9.3/8.9.3) with SMTP id IAA89255; Fri, 23 Feb 2001 08:28:47 +0200 (SAST) (envelope-from patrick@mip.co.za) From: "Patrick O'Reilly" To: "Peter Brezny" , Subject: RE: nat forwarding Date: Fri, 23 Feb 2001 08:28:47 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 In-Reply-To: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Peter, Some of the questions here (aliasing multiple interfaces individually) were answered in my other email on your ipfw question. But let's look at the nat forwarding issue. My rc.conf contains these lines: ---- natd_enable="YES" natd_interface="ed1" natd_flags="-f /etc/natd.conf" ---- Now, the trick is that the syntax required in the natd config file is different from that in rc.conf. In rc.conf the syntax is for a shell script setting variables to contain certain values, but the natd.conf file will be read by natd when it starts and must have the syntax expected by natd. This is explained in the man page for natd, but you need to read it a few times before it makes any sense (well that was the case with me anyway!) My /etc/natd.conf looks like this: ---- redirect_port tcp 10.3.13.131:8080 x.x.x.x:8080 redirect_port tcp 10.3.13.131:1494 x.x.x.x:1494 redirect_port tcp 10.3.13.131:1604 x.x.x.x:1604 ---- The x.x.x.x represents the registered ip on the external interface. These lines cause all packets arriving at port 8080 (etc) on ip address x.x.x.x to be redirected to port 8080 on 10.3.13.131 (my citrix server). This is working just fine for me. In your case, where you are running nat on multiple interfaces, I expect you will need nat forwarding configured differently for each interface, so you will probably want to have a /etc/natd1.conf with one set of redirection rules, and /etc/natd2.conf with another set, etc. In this case you will need to add the "-f /etc/natd1.conf" to the natd command in the rc script. Compare this sample to my earlier email: ---- oif1=ed1 # your first external interface oif2=ed2 # your second external interface natdport1=8668 # port to use for nat on first interface natdport2=8669 # port to use for nat on second interface natd -port ${natdport1} -interface ${oif1} -f /etc/natd1.conf natd -port ${natdport2} -interface ${oif2} -f /etc/natd2.conf ---- I hope this work out. Regards, Patrick O'Reilly --- "I do not feel obliged to believe that the same God who has endowed us with sense, reason, and intellect has intended us to forego their use." -- Galileo Galilei -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Peter Brezny Sent: 23 February 2001 03:07 To: freebsd-net@FreeBSD.ORG Subject: nat forwarding After reading through the natd man page, I think I understand what I need to do to redirect requests to one specified ip to another, however, I don't understand where I put this config info. i currently start natd with rc.conf with the following lines: natd_enable="YES" #natd_config="/etc/rc.natd" natd_interface="fpx1" natd_flags="-dynamic" as you can see, i've attempted creating a file with natd config options in it, but things don't seem to jive when i use it and comment out the last two lines in the example above (specifying them inside rc.natd) Also, i'd like to have multiple external interfaces with natd aliasing each one respectively. is this possible? how would i configure that? TIA pb To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message