Date:      Fri, 23 Feb 2001 08:28:47 +0200
From:      "Patrick O'Reilly" <patrick@mip.co.za>
To:        "Peter Brezny" <peter@black.purplecat.net>, <freebsd-net@freebsd.org>
Subject:   RE: nat forwarding
Message-ID:  <NDBBIMKICMDGDMNOOCAIEEEGCDAA.patrick@mip.co.za>
In-Reply-To: <Pine.BSF.4.05.10102222002560.8312-100000@black.purplecat.net>

Peter,

Some of the questions here (aliasing multiple interfaces individually) were
answered in my other email on your ipfw question.  But let's look at the nat
forwarding issue.

My rc.conf contains these lines:
----
natd_enable="YES"
natd_interface="ed1"
natd_flags="-f /etc/natd.conf"
----

Now, the trick is that the syntax required in the natd config file is
different from that in rc.conf.  In rc.conf the syntax is for a shell script
setting variables to contain certain values, but the natd.conf file will be
read by natd when it starts and must have the syntax expected by natd.  This
is explained in the man page for natd, but you need to read it a few times
before it makes any sense (well that was the case with me anyway!)  My
/etc/natd.conf looks like this:
----
redirect_port   tcp     10.3.13.131:8080        x.x.x.x:8080
redirect_port   tcp     10.3.13.131:1494        x.x.x.x:1494
redirect_port   tcp     10.3.13.131:1604        x.x.x.x:1604
----
The x.x.x.x represents the registered ip on the external interface.  These
lines cause all packets arriving at port 8080 (etc) on ip address x.x.x.x to
be redirected to port 8080 on 10.3.13.131 (my citrix server).

This is working just fine for me.

In your case, where you are running nat on multiple interfaces, I expect you
will need nat forwarding configured differently for each interface, so you
will probably want to have a /etc/natd1.conf with one set of redirection
rules, and /etc/natd2.conf with another set, etc.  In this case you will
need to add the "-f /etc/natd1.conf" to the natd command in the rc script.
Compare this sample to my earlier email:
----
oif1=ed1			# your first external interface
oif2=ed2			# your second external interface
natdport1=8668		# port to use for nat on first interface
natdport2=8669		# port to use for nat on second interface

natd -port ${natdport1} -interface ${oif1} -f /etc/natd1.conf
natd -port ${natdport2} -interface ${oif2} -f /etc/natd2.conf
----

I hope this works out.

Regards,
Patrick O'Reilly
---
"I do not feel obliged to believe that the same God who has endowed us with
sense, reason, and intellect has intended us to forego their use." --
Galileo Galilei

-----Original Message-----
From: owner-freebsd-net@FreeBSD.ORG
[mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Peter Brezny
Sent: 23 February 2001 03:07
To: freebsd-net@FreeBSD.ORG
Subject: nat forwarding


After reading through the natd man page, I think I understand what I need
to do to redirect requests to one specified ip to another, however, I
don't understand where I put this config info.

I currently start natd with rc.conf with the following lines:

natd_enable="YES"
#natd_config="/etc/rc.natd"
natd_interface="fpx1"
natd_flags="-dynamic"

As you can see, I've attempted creating a file with natd config options in
it, but things don't seem to jive when I use it and comment out the last
two lines in the example above (specifying them inside rc.natd).

Also, I'd like to have multiple external interfaces with natd aliasing
each one respectively.  Is this possible?  How would I configure that?

TIA

pb


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
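
An added example, not part of the original thread: each redirect_port line in a natd config file opens an inbound path to an internal host, so this sh/awk script lists what a file such as /etc/natd1.conf exposes and flags lines it cannot parse. The sample file, the 192.0.2.10 and 198.51.100.7 addresses and the function names are constructed for illustration; the optional remoteIP field follows natd(8).

```shell
#!/bin/sh
# Added example (not from the original thread). Syntax per natd(8):
#   redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT [remoteIP[:remotePORT]]

audit_natd_conf() {   # $1 = natd config file; prints one line per redirect_port
    awk '
    { sub(/#.*/, "") }                        # natd treats "#" as a comment
    $1 != "redirect_port" { next }            # skip blanks and other options
    {
        proto = $2; target = $3; alias = $4; remote = $5
        if (proto != "tcp" && proto != "udp") {
            printf "BAD line %d: protocol \"%s\"\n", NR, proto; next
        }
        if (target !~ /^[0-9.]+:[0-9]+(-[0-9]+)?$/ || alias !~ /[0-9]+(-[0-9]+)?$/) {
            printf "BAD line %d: cannot parse target or alias\n", NR; next
        }
        if (alias !~ /:/) alias = "*:" alias  # "*" marks a line with no aliasIP
        src = (remote == "") ? "any-source" : "source=" remote
        printf "%s %s -> %s %s\n", proto, alias, target, src
    }' "$1"
}

write_sample_conf() {  # constructed sample; 192.0.2.10 stands in for x.x.x.x
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed natd.conf for the audit demo
redirect_port   tcp     10.3.13.131:8080        192.0.2.10:8080
redirect_port   tcp     10.3.13.131:1494        1494    198.51.100.7
redirect_port   icmp    10.3.13.131:1604        192.0.2.10:1604
EOF
    echo "$f"
}

conf=$(write_sample_conf) && audit_natd_conf "$conf"
rm -f "$conf"
```

Lines reported as any-source accept connections from every remote address, so they are the ones to match against the ipfw rules on the same interface.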





