Date:      Sat, 24 Mar 2007 14:32:44 +0100
From:      Volker <volker@vwsoft.com>
To:        Gilberto Villani Brito <linux@giboia.org>
Cc:        "FreeBSD \(PF\)" <freebsd-pf@freebsd.org>
Subject:   Re: Nat and rdr.
Message-ID:  <4605287C.5060901@vwsoft.com>
In-Reply-To: <6e6841490703230537h79669db8u4c831965fc398fcd@mail.gmail.com>
References:  <6e6841490703230537h79669db8u4c831965fc398fcd@mail.gmail.com>

Gilberto,

On 12/23/-58 20:59, Gilberto Villani Brito wrote:
> Hi,
> I need to make nat and rdr for my connections from lo0 of my firewall.
> I have those rules:
> rdr on { em0 em1 lo0 } proto icmp from any to 200.250.0.1 -> 192.168.0.2
> nat on { em0 em1 lo0 } from 192.168.0.2 to any -> 200.250.0.1
> 
> When I try to ping IP 200.250.0.1 from my firewall, it tries the default gw.
> I would like it to make a NAT and ping the IP 192.168.0.2. Is it possible?
> 

It would help if we knew a bit more about your setup (which
interface is external, which is internal).

But I'm unable to imagine how useful it might be to NAT traffic on
the loopback interface.

Your current rdr rules will not work as you think they should. For
example there should never be a packet going through lo0 with a
destination address of 200.250.0.1. Also NATing on the internal
interface (and lo0) with the IP address of your external interface
might give you strange results.

Greetings,

Volker


