From owner-freebsd-questions Fri Apr 4 05:05:42 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA06681 for questions-outgoing; Fri, 4 Apr 1997 05:05:42 -0800 (PST) Received: from gatekeeper.barcode.co.il (gatekeeper.barcode.co.il [192.116.93.17]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA06663 for ; Fri, 4 Apr 1997 05:05:33 -0800 (PST) Received: (from nadav@localhost) by gatekeeper.barcode.co.il (8.8.5/8.6.12) id QAA12038; Fri, 4 Apr 1997 16:04:40 +0300 (IDT) Date: Fri, 4 Apr 1997 16:04:40 +0300 (IDT) From: Nadav Eiron To: Joachim Kuebart cc: questions@freebsd.org Subject: Re: Gateway In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 4 Apr 1997, Joachim Kuebart wrote: > Hi! > > When hosts in a local 10.0.0.X net want to access the internet (http, ftp > etc.), doesn't it require IP Masquerading? And if so, where can I find it > in FreeBSD? There is more than one way to skin a cat (hopefuly Jordan doesn't read this :-) )... You can either go with a "transparent" proxy solution like socks that requires a socks complient client (most popular clients have socks support). soccks is available in the ports/packages collection. Second way is to set up specific application proxies. This way you need a specific application for each protocol you need to pass through the firewall. The added benefit is mainly caching, and better control. For some of those, look at the fwtk (also in the ports). The third is indeed to do IP Masquerading. This is a bit tough, but can be set up with IPfilter. > Does gated help? No, gated is for routing which is not the point here. > > c u Jo > > > Nadav