Date: Fri, 28 Jul 2006 11:31:45 +0300 From: vladone <vladone@spaingsm.com> To: ipfw@freebsd.org Subject: Re[3]: FreeBSD Gateway to replace old Linux gateway Message-ID: <50272484.20060728113145@spaingsm.com> In-Reply-To: <367935308.20060728110514@spaingsm.com> References: <44C7C55E.3090907@elaconta.com> <Pine.GSO.4.58.0607261911170.5824@flame.cs.dal.ca> <44C7F4BE.2080805@elaconta.com> <367935308.20060728110514@spaingsm.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> U have two simply solutions, and one a little more complicated > 1. use bridge, ho suggest someoane > 2. if dont' wnat to change network configuration, then change part > from firewall to hub or modem or what u have. For example > modem 10.1.1.1 <----> 10.1.1.2 firewall (freebsd 6.1) > 192.168.1.2<------>lan 192.168.1.0/24 > with simple natd config like this > use_sockets yes > same_ports yes > interface xl0 > dynamic yes > assuming that in your firewall, xl0 is external interface with > ip 10.1.1.2, config kernel with proper oprions, and use > ipfirewall. > 3. i think that is a bit more complicate with route but i don't think > that can work, but u can try. > I recommend u variant 2 because is very clear, and need to change > only modem internal ip. U can try and this. Put ip's how u want, and then use ipfw+natd, with natd configured how i explain at previous message. In ipfw rules u need to have an rule like: 100 natd ip from any to any Shoul be work but i think that u need to manipulate and routing table, because packets need to know where to go. For that try to set this in rc.conf (but i think that u have already set that) defaultrouter="192.168.1.2" gateway_enable="YES" where 192.168.1.2 (for example)is ip of external interface on your firewall. -- Best regards, vladone mailto:vladone@spaingsm.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50272484.20060728113145>