From owner-freebsd-questions Sun Mar 7 5:41:34 1999 Delivered-To: freebsd-questions@freebsd.org Received: from camel.ethereal.net (fraenatus.ethereal.net [204.107.140.58]) by hub.freebsd.org (Postfix) with ESMTP id F0F9D14C22 for ; Sun, 7 Mar 1999 05:40:00 -0800 (PST) (envelope-from mistwolf@camel.ethereal.net) Received: (from mistwolf@localhost) by camel.ethereal.net (8.9.1a/8.9.1) id FAA17186 for freebsd-questions@freebsd.org; Sun, 7 Mar 1999 05:39:41 -0800 (PST) Message-ID: <19990307053941.A17134@ethereal.net> Date: Sun, 7 Mar 1999 05:39:41 -0800 From: Jamie Norwood To: freebsd-questions@freebsd.org Subject: Natd question Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I need to know how to do something using NatD, and can't find any good online resources for this. Being strapped cash-wise for a few more weeks, buying the Ora book on firewalls is impossible. What I have is 3 computers, 4 NICs, and a cable modem. I also have 4 IPs, though I think I will only need 3. What I want is for the cable modem to plug into the FreeBSD box's primary NIC, and the in-house subnet of 2 windoze machines plugged into it's secondary NIC. I would like to use NatD to do a one-for-one address translation on the IPs for the windows machine. So, assuming: A: The FreeBSD machine's primary NIC, 10.0.0.56 10.0.0.57 & 10.0.0.58 B: The FreeBSD machine's secondary NIC 192.168.0.1 C: A Windows box, 192.168.0.2 D: A Windows box, 192.168.0.3 Packet comes in to 10.0.0.56, and ends there, that being the FreeBSD machine. Packet comes in to 10.0.0.57, and is translated to 192.168.0.2 and sent to C. Packet comes in to 10.0.0.58, and is translated to 192.168.0.3 and sent to D. C sends packet back through B, where it is translated back to 10.0.0.57, and sent out A. D sends packet back through B, where it is translated back to 10.0.0.58, and sent out A. This would allow me to filter things like Netbios and such so the windows machines could safely fileshare and such, while allowing them full access to the internet, as well as the internet full access to them and the servers they run (A webserver, and the other boots into FreeBSD for FTP.) How could this be done, or where can I look that someone with no money on- hand can go to find out how to do it? Thank you, Jamie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message