Date: Fri, 4 Jun 1999 07:37:58 +1200 From: "Dan Langille" <junkmale@xtra.co.nz> To: tsikora@tiac.net Cc: freebsd-questions@freebsd.org Subject: Re: ipnat Message-ID: <19990603194023.DSKW8785947.mta2-rme@wocker> In-Reply-To: <37567182.E96180D2@home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I've cc'd this message freebsd-questions. Please retain that in all replies. On 3 Jun 99, at 8:13, Ted Sikora wrote: > Dan Langille wrote: > > > > I've cc'd this message freebsd-questions. > > > > > (Need a modified form of this) > > > map ed0 192.168.0.0/16 -> 0.0.0.0/32 portmap tcp/udp > > > 40000:65000 > > > map ed0 192.168.0.0/16 -> 0.0.0.0/32 > > > > Well, have you tried? > > > > map ed0 192.168.0.2/32 -> 0.0.0.0/32 portmap tcp/udp > > 40000:65000 > > > > So I should use: > > map ed0 192.168.0.2/32 -> 0.0.0.0/32 portmap tcp/udp 40000:65000 > map ed0 192.168.0.2/32 -> 0.0.0.0/32 > map ed0 192.168.0.3/32 -> 0.0.0.0/32 portmap tcp/udp 40000:65000 > map ed0 192.168.0.3/32 -> 0.0.0.0/32 I'm guessing yes. Try it and see. > > > > > ...and then another for each other machine > > > > > I use Linux currently with ipchains and ipfwadm. I use > > > the following there: > > > > > > # IP masquerading for kernel 2.2 > > > > > > /sbin/ipchains -P forward DENY > > > /sbin/ipchains -A forward -j MASQ -s 192.168.0.2/32 -d > > > 0.0.0.0/0 > > > /sbin/ipchains -A forward -j MASQ -s 192.168.0.3/32 -d > > > 0.0.0.0/0 > > > > > > # IP masquerading with ipfwadm and 1.3 thru 2.0 kernels. > > > > > > /sbin/ipfwadm -F -p deny > > > /sbin/ipfwadm -F -a m -S 192.168.0.2/32 -D 0.0.0.0/0 > > > /sbin/ipfwadm -F -a m -S 192.168.0.3/32 -D 0.0.0.0/0 > > > > Well, I've never used Linux. > > It's not bad provided the right distribution is used. > Slackware which was first and shares much with FreeBSD > (Walnut Creek)probably is the only one worth trying > and maybe SuSE. The rest are garbage including RedHat > (another Microsoft contender)it has the bugs to prove it. > > > > > > I list each machine(192.168.0.2 and 192.168.0.3) because > > > 192.168.0.1 has a separate leased line (dial-up) to the > > > internet. The Masq machine is 192.168.0.4. Could you show > > > me the rules for IPnat for individual machines to use with > > > FreeBSD 3.2 Your help would be greatly appreciated. I had > > > bad luck with natd.(constant host is down error) > > > > Did you see any help with that natd problem? Sounds pretty straight > > forward. > > No I tried freebsd.misc. with no luck. It appears it is a bug in the > code. > Natd worked fine but the /var/log/messages loads up with a host is down > message which I never could find. I changed rc.firewall many times, ran it > bare to no avail. That's a newsgroup. Try the FreeBSD mailing lists which may bring you more luck. see http://www.freebsd.org/handbook/eresources.html#ERESOURCES- MAIL > I started using FreeBSD right before 3.0-RELEASE was out. Best decision I > have made. The speed and elegance impressed me. Simple things like making > a new kernel are a pleasure in FreeBSD. Like Slackware it is built the way > I would probably make it or at least I can modify it to my liking. > > > Thanks for the help. I just wanted to be sure before switching OS'es > A few people rely on the server so I wanted to limit downtime. You're welcome. -- Dan Langille - DVL Software Limited The FreeBSD Diary - http://www.FreeBSDDiary.org/freebsd/ NZ FreeBSD User Group - http://www.nzfug.nz.freebsd.org/ The Racing System - http://www.racingsystem.com/racingsystem.htm To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990603194023.DSKW8785947.mta2-rme>