Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 13 Aug 2014 15:14:07 -0400
From:      Fbsd8 <fbsd8@a1poweruser.com>
To:        Adam Vande More <amvandemore@gmail.com>
Cc:        FreeBSD Mailing List <freebsd-questions@freebsd.org>, Luciano Mannucci <luciano@vespaperitivo.it>
Subject:   Re: NAT question
Message-ID:  <53EBB8FF.6040504@a1poweruser.com>
In-Reply-To: <CA%2BtpaK0%2BYnEzagH--VnyNqpYArH2eVnmVhQEcR3ST8yYtRJZ%2Bw@mail.gmail.com>
References:  <3hYH0x3vTtzCy1h@baobab.bilink.it> <CA%2BtpaK0%2BYnEzagH--VnyNqpYArH2eVnmVhQEcR3ST8yYtRJZ%2Bw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Adam Vande More wrote:
> On Wed, Aug 13, 2014 at 11:48 AM, Luciano Mannucci <luciano@vespaperitivo.it
>> wrote:
> 
>> Hello, I'm still migrating machines from linux to FreeBSD. I'm wondering if
>> my translation from this iptables linux rule
>>
>> iptables -t nat -A POSTROUTING -s 192.168.7.234/32 -d 172.16.1.0/24 -o
>> eth1 -j
>> MASQUERADE
>>
>> (which means moreless if Mr 192.168.7.234 wherever he comes fom passes
>> through our eth1 interface to go to 172.16.1 network should get our
>> eth1 address instead of his)
>>
>> is moreless correctly translated in FreeBSD ipnat rules as
>>
>> map em0 192.168.7.234/32 -> 0/32
>>
>> or I'm missing something?
> 
> 
> You might want to use a more integrated and supported FW such as IPFW or PF
> to do NAT.
> 
> 
> 
Disregard that last post. ipfilter was updated to the current version 5 
in RELEASE 10.0 and I think also for 9.3. Been using ipfilter since 
RELEASE 4.0 without any problems. Its rock hard and easy to use.

  map = The keyword map starts the rule.

  em0 = The interface name of the interface facing the public Internet.

  192.168.7.234/32 = The IP address range of the private LAN.

  -> = Mandatory arrow symbol.

  0.32 = The IP address/netmask assigned by your ISP.
         The special alias keyword 0.32 tells ipnat to get the current 
public
         IP address of the interface specified on this statement and
         substitute it for the 0.32 keyword.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53EBB8FF.6040504>