Date: Wed, 28 Feb 2001 13:18:00 -0500 (EST) From: Peter Brezny <peter@black.purplecat.net> To: freebsd-net@freebsd.org Subject: static nat problem Message-ID: <Pine.BSF.4.05.10102281252020.28070-100000@black.purplecat.net>
next in thread | raw e-mail | index | archive | help
I want to be able to forward all traffic coming to an external ip to an
internal ip.
I currently have nat configured and working so that all private internal
addresses are translated to a public ip as they leave the firewall machine
on their way out, but after reading the man page a couple of times, i've
been unable to set up static nat for a single public ip to private ip
translation using just the man page as a guide.
What I've done to try and get this working is to start natd from rc.conf
with both the -dynamic and -f /etc/natd.conf flags (see below).
/etc/natd.conf currently has a single line:
redirect_address 10.10.1.4 209.16.228.146
To try and clear up any weirdness, i've reduced my firewall to two lines:
# BEGIN NAT TEST ENTRIES
$fwcmd add divert natd all from any to any via $oif
$fwcmd add allow all from any to any
I know that natd is doing _something_ because when i remove the
-f /etc/natd.conf
section from rc.conf, http://209.16.228.146 gives me the default page.
When i include the -f /etc/natd.conf flag in rc.conf _any_ connection to
the external ip times out.
I think I must have just missed something simple.
TIA
pb
my rc.conf firewall options are as follows:
# Firewall options by pab 001128
syslogd_flags="-ss"
gateway_enable="YES"
firewall_enable="YES"
natd_enable="YES"
natd_interface="fxp0"
natd_flags="-dynamic -f /etc/natd.conf"
firewall_script="/etc/rc.firewall.nattest"
# end firewall options
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10102281252020.28070-100000>