From owner-freebsd-questions  Tue Jul  7 14:04:40 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA03736
          for freebsd-questions-outgoing; Tue, 7 Jul 1998 14:04:40 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from iworks.interworks.org (deischen@iworks.interworks.org [128.255.18.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA03726
          for <questions@FreeBSD.org>; Tue, 7 Jul 1998 14:04:35 -0700 (PDT)
          (envelope-from deischen@iworks.interworks.org)
Received: (from deischen@localhost)
	by iworks.interworks.org (8.8.7/8.8.7) id QAA24268
	for questions@FreeBSD.org; Tue, 7 Jul 1998 16:06:03 -0500 (CDT)
Date: Tue, 7 Jul 1998 16:06:03 -0500 (CDT)
From: "Daniel M. Eischen" <deischen@iworks.interworks.org>
Message-Id: <199807072106.QAA24268@iworks.interworks.org>
To: questions@FreeBSD.ORG
Subject: NATD problems
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I can't get NATD to properly translate addresses.  Can
someone point out what I'm doing wrong?  BTW, this is all
on a 2.2-stable system CVSup'd and make world'd on or
around June 28th.

I've got the following IPFW rules:

bash# ipfw show
00100         88       7738 allow ip from any to any via lo0
00110          0          0 deny ip from any to 127.0.0.0/8
00200         18       1512 divert 6668 ip from any to any via ep0
00600     128437   30529826 allow ip from any to any

ep0 is the private interface (192.168.x.y) and de0 and de1
are public interfaces.  de1 is our connection to the outside world,
while de0 is another small subnet, both with legal addresses.

de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 153.11.109.129 netmask 0xffffff80 broadcast 153.11.109.255
        ether 00:80:c8:3e:34:02 
        media: autoselect (10baseT/UTP) status: active
de1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 153.11.109.11 netmask 0xffffffc0 broadcast 153.11.109.63
        ether 00:c0:d1:30:08:02 
        media: autoselect (10baseT/UTP) status: active
ep0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.254.1 netmask 0xffffff00 broadcast 192.168.254.255
        ether 00:a0:24:0a:ed:f6 

If I try to ping a system on the de1 network from the ep0 network,
I can see this from NATD.

bash# natd -l -v -interface de1

In  [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
           192.168.254.2 -> 153.11.109.1
Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
           153.11.109.11 -> 192.168.254.2
In  [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
           192.168.254.2 -> 153.11.109.1
Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
           153.11.109.11 -> 192.168.254.2
In  [ICMP] 192.168.254.2 -> 153.11.109.1 aliased to
           192.168.254.2 -> 153.11.109.1
Out [ICMP] 192.168.254.1 -> 192.168.254.2 aliased to
           153.11.109.11 -> 192.168.254.2

How do I get it to change the In addresses?

Thanks

Dan Eischen

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message