Date: Thu, 09 Sep 1999 09:40:03 +0200 From: Thierry Herbelot <thierry.herbelot@alcatel.fr> To: Scott Ware <wsware@carolina.rr.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD 3.2 NATD and IPFW Advice Needed Message-ID: <37D76453.29A76A4F@alcatel.fr> References: <000701befa6e$3a7befe0$0a02a8c0@puffinsoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, You may want to use the ARP proxy feature of the IP stack (this is started with a sysctl ; you can find the right variable with sysctl -a | grep proxy) TfH PS : there is also a comment on the subject in the "LINT" kernel config file Scott Ware wrote: > > FreeBSD 3.2 NATD and IPFW > > I need to be able to get a 10.x.x.x network to talk > with 2 machines on 158.116.206.159 & 160. > The main problem is the machine 159 and 160 > are very old OS9 and you can't set a default gateway > they can only reply to a 158.116.206.x. > (Please no comments on the OS9 machines) > > So what I want is to map: > 10.101.46.11 -> 158.116.206.159 > 10.101.46.12 -> 158.116.206.160 > > everything on 10.x.x.x needs to think it is talking to > 10.101.46.11 or 12 and everything on the 158.116.206.x > needs to think it is talking to 158.116.206.158 > > Before I started ipfw and natd I could talk to every > ip address on my freeBSD machine so I know that is right. > > With all the following settings nothing happens. > I try to ftp to 10.101.46.11 or 12 and > it just times out.. that I get some message from > natd saying it didn't get a reply. > but I can get from 158.116.206.158 to 158.116.206.159 and 160 > I tried natd_interface="ep1" and natd_interface="ep0" > > 10.101.46.10 > 10.101.46.11 158.116.206.159 > 10.101.46.12+-------+158.116.206.158 | > ----------------|FreeBSD|----------------------+ > ep1+-------+ep0 | > 158.116.206.160 > > Built Kernel with: > options IPFIREWALL #firewall > options IPDIVERT #divert sockets > > ?? Do I need? > ?? options IPFIREWALL_VERBOSE #print information about dropped > packets > ?? options IPFIREWALL_FORWARD #enable transparent proxy support > > /etc/rc.conf > network_interfaces="ep0 ep1 lo0" > ifconfig_ep0="inet 158.116.206.158 netmask 255.255.0.0" > ifconfig_ep1="inet 10.101.46.10 netmask 255.255.252.0" > ifconfig_ep1_alias0="inet 10.101.46.11 netmask 255.255.252.0" > ifconfig_ep1_alias1="inet 10.101.46.12 netmask 255.255.252.0" > defaultrouter="10.101.44.1" > firewall_enable="YES" > firewall_type="open" > gateway_enable="YES" > natd_enable="YES" > natd_interface="ep1" # I also Tried natd_interface="ep0" > natd_flags="-f /etc/rc.natd" > > /etc/rc.natd > same_ports yes > dynamic yes > use_sockets yes > redirect_address 158.116.206.159 10.101.46.11 > redirect_address 158.116.206.160 10.101.46.12 > > /etc/services > -Snip- > natd 8668/divert # Network Address Translation socket > -Snip- > > Please Email a reply.. > I'm not on the mailing list. > wsware@carolina.rr.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37D76453.29A76A4F>