From owner-freebsd-questions Mon Mar 22 5:42:49 1999 Delivered-To: freebsd-questions@freebsd.org Received: from hercules.orion.ab.ca (hercules.orion.ab.ca [207.134.218.40]) by hub.freebsd.org (Postfix) with ESMTP id E490914ED8 for ; Mon, 22 Mar 1999 05:42:47 -0800 (PST) (envelope-from timp@orion.ab.ca) Received: from dedalus (24.65.177.130.ab.wave.home.com [24.65.177.130]) by hercules.orion.ab.ca (8.8.5/8.8.5) with SMTP id HAA00642; Mon, 22 Mar 1999 07:53:05 -0700 (MST) Message-ID: <002601be7534$227b2ec0$9801a8c0@dedalus> From: "Tim Pushor" To: "Hugh Blandford" Cc: Subject: Re: NAT Question Date: Tue, 23 Mar 1999 06:50:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Well, I have tried that. I did not want to do that initially because I wanted to learn exactly how ipfw and divert worked with NAT, and how I could manipulate firewall ACL's. But after not being able to get this working for a while, I did try -unregistered_only but the effect was that packets from my protected network did not get sent to the 'router or nat machines' default gateway. i.e. I could ping the public side of the router/nat box but could not ping the internet any more (before the nat I could fine). Think I am doing something wrong? Thanks for the response, Tim -----Original Message----- From: Hugh Blandford To: Tim Pushor Date: Monday, March 22, 1999 12:30 AM Subject: Re: NAT Question >Hi Tim, > >if your protected network is routable on the internet and you don't want to >do any NAT then there is a switch you can insert in the config file or at >runtime: > >-unregistered_only or -u > >Regards, > >Hugh > >At 22:51 22/03/99 -0700, you wrote: >>Hello, >> >>I have built a NAT box using ipfw and natd on FreeBSD 2.2.8. I can't seem to >>accomplish what I am trying to do: >> >>I have three interfaces (the IP's have been changed to protect the innocent >>:) >> >>public - 207.122.216.0 255.255.255.128 >>protected - 207.122.216.129 255.255.255.128 >>private - 192.168.1.0 255.255.255.0 >> >>What I am trying to do is to use the machine as a router between the public >>and protected interfaces (and default routing out to a router that will >>forward to the Internet), but NAT the private interface to an IP address on >>the public side. >> >>The NAT works fine.. The problem I am having is that after enabling nat, the >>protected interface will no longer forward to the Internet. >> >>What I am wondering is how I should configure ipfw so that traffic to/from >>the private network is NATted, and that routing between the public and >>protected interfaces is unnafected. >> >>Can someone help shed some light on this? >>Many thanks, >>Tim >> >> >> >>To Unsubscribe: send mail to majordomo@FreeBSD.org >>with "unsubscribe freebsd-questions" in the body of the message >> >> > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message