Date: Fri, 8 Mar 2002 12:16:22 +0000
From: Ceri <setantae@submonkey.net>
To: Koroush Saraf <koroush@pacbell.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Running NAT on a single interface
Message-ID: <20020308121622.GA42497@submonkey.net>
In-Reply-To: <004901c1c3fc$f97a47c0$650110ac@netmetrica.com>
References: <200203050300.WAA23159@alpha.vaxxine.com> <004901c1c3fc$f97a47c0$650110ac@netmetrica.com>

On Mon, Mar 04, 2002 at 08:18:00PM -0800, Koroush Saraf wrote:
> Hi All,
> I like to run NAT on a single interface gateway. I like it to translate
> between private addresses and the public one which is connected to my DSL
> router. Is that possible? I'm not asking whether it's a good idea or not, I
> like to know whether BSD is flexible enough to allow that, and if so, how
> does it distinguish which addresses are on the "outside" and which ones are
> in the inside, since the interface flag will not be much help in this case.

I do this on one of my machines. Setting it up wasn't all that hard, this
basically takes care of all the magic :

add 00306 divert natd all from any to any via 212.250.77.214
add 00307 pass all from 172.17.77.0/24 to any via 172.17.77.214
add 00308 pass all from any to 172.17.77.0/24 via 172.17.77.214
add 00309 deny log all from any to 172.17.77.0/24 via ed0
add 00310 deny log all from 172.17.77.0/24 to any via ed0

The NAT'd machines run on 172.17.77.0/24 on the same wire as the public
IP addresses.

If you want any more info, let me know.

Ceri

-- 
keep a mild groove on

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020308121622.GA42497>