From owner-freebsd-questions Wed Nov 20 14:18:59 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B5CC737B401 for ; Wed, 20 Nov 2002 14:18:56 -0800 (PST) Received: from truman.datasphereweb.com (12-231-81-122.client.attbi.com [12.231.81.122]) by mx1.FreeBSD.org (Postfix) with SMTP id 9651943EA9 for ; Wed, 20 Nov 2002 14:18:52 -0800 (PST) (envelope-from ryallsd@datasphereweb.com) Received: (qmail 70473 invoked from network); 20 Nov 2002 22:27:31 -0000 Received: from 12-229-238-38.client.attbi.com (HELO bartxp) (12.229.238.38) by 12-231-81-122.client.attbi.com with SMTP; 20 Nov 2002 22:27:31 -0000 From: "Derrick Ryalls" To: Subject: RE: NAT Help Date: Wed, 20 Nov 2002 14:20:48 -0800 Message-ID: <000901c290e3$1417b870$0200a8c0@bartxp> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 In-Reply-To: <20021120191159.5699.qmail@web13806.mail.yahoo.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Hi, >=20 > I'm trying to get NAT up and running on my FreeBSD > 4.7R gateway machine and have hit a bit of a wall.=20 > Have looked around online for FAQs and other help and > haven't really been able to isolate the problem this > way. If anyone can offer advice, I would be most > appreciative. >=20 > I have a FreeBSD machine configured as a gateway for a > LAN. The BSD machine has two NICs (fxp0 and vr0).=20 > fxp0 is connected to a router via ethernet, which in > turn is connected to the Net via ADSL. The router is > very basic and doesn't have all of the functions we > require, hence the BSD box being the gateway. >=20 > vr0 is connected to a hub for the LAN, which all uses > internal 10.0.0.x IP addressing. The FreeBSD box > provides DHCP for this range. All of this is working=20 > correctly. We also have a couple of external IPs which I=20 > would like to map onto a couple of servers on the private=20 > LAN, and herein lies the problem. I just can't seem to get=20 > NAT working to redirect these IPs from the BSD machine to the=20 > relevant internal IP. >=20 > On the BSD machine, I've compiled a kernel with the > following options: >=20 > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPFIREWALL_VERBOSE >=20 > The following options exist in rc.conf: >=20 > gateway_enable=3D"YES"=20 > firewall_enable=3D"YES"=20 > firewall_type=3D"OPEN"=20 > natd_enable=3D"YES"=20 > natd_interface=3D"fxp0"=20 > natd_flags=3D"-redirect_address 10.0.0.2 x.x.x.x=20 > -redirect_address 10.0.0.3 x.x.x.x"=20 >=20 > (where x.x.x.x is of course the external IP). >=20 > rc.conf also contains the following ipconfig settings > for the external IP addresses (of which there are 5). >=20 > ifconfig_fxp0_alias0=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias1=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias2=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias3=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias4=3D"inet x.x.x.x netmask > 255.255.255.248" I am no expert and have never aliased before, but I think you need to use the netmask of 255.255.255.255 (0xffffffff) for aliases. >=20 > alias0 is used as the IP address for the gateway > machine and my intention is to redirect traffic on the=20 > remaining four addresses to other machines on the LAN. This=20 > is where it falls down and I'm stumped. >=20 > Regards, >=20 > Ben Craig. >=20 > =3D=3D=3D=3D=3D > -- > Benjamin Craig > Executive Producer > Cinemagine Limited >=20 >=20 > __________________________________________________ > Do You Yahoo!? > Everything you'll ever need on one web page > from News and Sport to Email and Music Charts http://uk.my.yahoo.com >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message