Date: Tue, 16 Dec 1997 17:36:01 -0500 (EST)
From: Ben Hockenhull <benh@blues.jpj.net>
To: Charles Henrich <henrich@crh.cl.msu.edu>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: natd
Message-ID: <Pine.BSI.3.95.971216173332.5433A-100000@blues.jpj.net>
In-Reply-To: <19971216165404.40245@crh.cl.msu.edu>

On Tue, 16 Dec 1997, Charles Henrich wrote:

> How does natd know not to translate addresses coming in from the "wrong"
> interface?  I.e:
>
>
> [internet] <--> [ed0] (host) [ed1] <--> InternalNet
>
> All of the firewall rules and everything else seems to require ed0 be
> specified for NATD to operate correctly. However, how does natd understand
> that it shouldn't be translating (say 10. addresses) coming in off of the
> internet?

Well, for starters, 10.x.x.x addresses shouldn't be coming in off the
Internet. :)

You specify what packets from what interface to divert to the natd socket
in rc.firewall.  That combined with the unregistered_only option in natd
should take care of it.

Ben
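
The setup described in the reply above, written out as an added example that is not part of the original message or of the stock rc.firewall. It assumes ed0 is the Internet-facing interface from the diagram, uses arbitrary rule numbers, and by default only prints the ipfw commands (dry run) instead of applying them.

```shell
#!/bin/sh
# Added example. Assumptions: ed0 is the outside interface (from the diagram
# in the thread); rule numbers 100-200 are arbitrary choices.
# fwcmd defaults to a dry run that prints each command; set
# fwcmd=/sbin/ipfw on a real FreeBSD gateway to apply the rules.
fwcmd="${fwcmd:-echo ipfw}"
oif="${oif:-ed0}"

# RFC 1918 ranges: the addresses natd's -unregistered_only treats as private.
rfc1918="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

antispoof_rules() {
    # Drop packets that ARRIVE on the outside interface claiming a private
    # source address, before they can reach the divert rule. The "in"
    # qualifier keeps outbound packets from internal hosts unaffected, so
    # they still reach natd with their private source intact.
    n=100
    for net in $rfc1918; do
        $fwcmd add $n deny all from "$net" to any in via "$oif"
        n=$((n + 10))
    done
}

divert_rule() {
    # Only traffic crossing the outside interface is handed to natd.
    # Packets seen on ed1 (the internal side) never match this rule.
    $fwcmd add 200 divert natd all from any to any via "$oif"
}

natd_command() {
    # -interface picks the address natd aliases to; -unregistered_only
    # limits rewriting of outgoing packets to RFC 1918 source addresses.
    echo "natd -interface $oif -unregistered_only"
}

antispoof_rules
divert_rule
natd_command
```

Because the deny rules are numbered below the divert rule, a packet with a 10.x source arriving on ed0 is discarded by ipfw and natd never sees it.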