From owner-freebsd-questions Wed Jan 28 16:36:43 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id QAA00330
        for questions-outgoing; Wed, 28 Jan 1998 16:36:43 -0800 (PST)
        (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from awfulhak.org (awfulhak.demon.co.uk [158.152.17.1])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA00239
        for ; Wed, 28 Jan 1998 16:36:28 -0800 (PST)
        (envelope-from brian@Awfulhak.org)
Received: from gate.lan.awfulhak.org (localhost [127.0.0.1])
        by awfulhak.org (8.8.7/8.8.7) with ESMTP id UAA09534;
        Wed, 28 Jan 1998 20:28:49 GMT
        (envelope-from brian@gate.lan.awfulhak.org)
Message-Id: <199801282028.UAA09534@awfulhak.org>
X-Mailer: exmh version 2.0.1 12/23/97
To: Christoph Kukulies
cc: Brian Somers , freebsd-questions@FreeBSD.ORG, chrisa@commlet.com
Subject: Re: natd/libalias question
In-reply-to: Your message of "Wed, 28 Jan 1998 09:06:47 GMT."
        <19980128090647.59235@gil.physik.rwth-aachen.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 28 Jan 1998 20:28:49 +0000
From: Brian Somers
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk

[.....]
> Sorry, it's a while back but I found this in the questions list while
> seeking for tips to set up my natd/ipfw.
>
> What do you mean by quoting? Where in the man page is this said?
>
> I'm desperately trying to establish natd/ipfw on my local network
> with one gateway machine to the internet.
>
>               |
>          ISDN (bisdn)
>               |
>               |
>         137.226.123.27
>               |
>      FreeBSD BOX (gateway)
> ipi0: flags=2851 mtu 1500
>         inet 137.226.123.27 --> 137.226.123.1 netmask 0xffffffff
>               |
> le0: flags=8843 mtu 1500
>         inet 192.168.1.119 netmask 0xffffff00 broadcast 192.168.1.255
>         ether 08:00:b9:34:c6:e8
>               |
>         192.168.1.119
>               |
> ----------+-----------------------+----------------+-------------
>           |                       |
>     192.168.1.114
>       (inside)
>
> I only have one official IP address. I want to set up natd/ipfw
> such that I can go out from the inside machine (192.168.1.114)
> to the outside world. From the little I understand about natd this is
> possible.
>
> But how do I set it up?
> This is my present /etc/rc.firewall:
> /sbin/ipfw -f flush
> ##/sbin/ipfw add divert natd all from any to any via le0
> ##/sbin/ipfw add divert natd all from 192.168.1.114 to 192.168.1.119 via le0
> ##/sbin/ipfw add divert natd all from 192.168.1.119 to 137.226.145.27 via ipi0
> /sbin/ipfw add pass all from any to any
>
> You see my desperate signs of experimenting.

You need `ipfw add divert natd all from any to any via ipi0', and
`natd -n ipi0'. I'm about to make this clearer in the man page :-)

> Routing info on the gateway:
>
> isdn-kukulies# netstat -rn
> Routing tables
>
> Internet:
> Destination        Gateway            Flags     Refs     Use     Netif Expire
> default            137.226.123.1      UGSc        3     1725     ipi0
> 127.0.0.1          127.0.0.1          UH          0        0      lo0
> 137.226.123.1      137.226.123.27     UH          2       11     ipi0
> 192.168.0.1        192.168.1.119      UH          0        0     ipi1
> 192.168.0.4        192.168.1.119      UGHS        0        0     ipi0
> 192.168.1          link#1             UC          0        0
> 192.168.1.114      0:0:c0:47:c5:a1    UHLW        1     1073      le0    157
> 192.168.1.119      8:0:b9:34:c6:e8    UHLW        0        6      lo0
> 192.168.1.217      0:e0:29:b:7e:4a    UHLW        0        1      le0    655
>
> AppleTalk:
> Destination        Gateway            Flags     Refs     Use     Netif Expire
>
> > >
> > > Chris Aubuchon
> > > chrisa@commlet.com
> > >
> >
> > --
> > Brian , ,
> >
> > Don't _EVER_ lose your sense of humour....
> >
>
> --
> Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de

--
Brian , ,
Don't _EVER_ lose your sense of humour....
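
An added example, not part of the original message or of FreeBSD itself: a small sh/awk check that reads an rc.firewall-style rule list and reports whether the divert rule from the reply is active on the outside interface and ahead of the pass-all rule. The function names and verdict words are hypothetical; the first sample is the file quoted in the message, the second is constructed.

```shell
#!/bin/sh
# Added example (hypothetical names). check_natd_divert OUTSIDE_IF < rules
# prints a verdict and returns 0 only for "ok":
#   ok        divert rule via OUTSIDE_IF precedes any pass-all rule
#   shadowed  divert rule via OUTSIDE_IF comes after a pass-all rule
#   wrong-if  active divert rules exist, none via OUTSIDE_IF
#   missing   no active divert rule
check_natd_divert() {
    awk -v oif="$1" '
        /^[ \t]*#/ || !/ipfw/ || !/ add / { next }   # comments, non-rules
        / (allow|accept|pass|permit) all from any to any[ \t]*$/ {
            if (!pass) pass = NR                     # first-match: ends the search
        }
        / divert / {
            if (/ via / && $NF == oif) { if (!good) good = NR }
            else other = 1
        }
        END {
            if (good && (!pass || good < pass)) { print "ok"; exit 0 }
            if (good)       print "shadowed"
            else if (other) print "wrong-if"
            else            print "missing"
            exit 1
        }'
}

# The /etc/rc.firewall quoted in the message, unchanged.
posted_rules() {
    cat <<'EOF'
/sbin/ipfw -f flush
##/sbin/ipfw add divert natd all from any to any via le0
##/sbin/ipfw add divert natd all from 192.168.1.114 to 192.168.1.119 via le0
##/sbin/ipfw add divert natd all from 192.168.1.119 to 137.226.145.27 via ipi0
/sbin/ipfw add pass all from any to any
EOF
}

# Constructed: same file plus the reply's divert rule (natd -n ipi0 runs separately).
fixed_rules() {
    cat <<'EOF'
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via ipi0
/sbin/ipfw add pass all from any to any
EOF
}

printf 'posted: %s\n' "$(posted_rules | check_natd_divert ipi0)"
printf 'fixed:  %s\n' "$(fixed_rules | check_natd_divert ipi0)"
```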