From owner-freebsd-questions Sat Apr 24 18:15: 5 1999 Delivered-To: freebsd-questions@freebsd.org Received: from proteus.idirect.com (proteus.idirect.com [207.136.80.19]) by hub.freebsd.org (Postfix) with ESMTP id 279A21545B for ; Sat, 24 Apr 1999 18:15:02 -0700 (PDT) (envelope-from fehr@idirect.com) Received: from localhost (fehr@localhost) by proteus.idirect.com (8.9.3/8.9.3) with ESMTP id VAA82987 for ; Sat, 24 Apr 1999 21:15:01 -0400 (EDT) Date: Sat, 24 Apr 1999 21:15:00 -0400 (EDT) From: "Eric D. Fehr" To: freebsd-questions@freebsd.org Subject: NATD question (isn't NATing) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've been strugling with getting NATD working on an ADSL connection for a while now, and decided to seek the insight of others. I can't get it to translate the source address on outbound packets. My FreeBSD 3.1 box (a nice, shinny new PIII-500) has two NICs installed, one (vr0, curent IP 161.184.x.x) connected to a Cisco 675e for the ADSL connection, and the other (fxp0, 10.0.0.1) connected to my internal network. The IP given for vr0 it attained using dhcpc, and has a lease interval of 12 hours. My rc.firewall config is: /sbin/ipfw -f flush /sbin/ipfw add divert natd all from any to any via fxp0 /sbin/ipfw add pass all from any to any I am launching natd with the following args to test it: natd -interface vr0 -u -dynamic -v On the local network (connected via fxp0), I have a win98 system (10.0.0.2, gateway 10.0.0.1) with a ping running of a remote system (207.136.80.19). Here is the weird part: The ping is registered as going out with an IP source of 10.0.0.2. It is never having the source address translated. Here is a log from natd: In [ICMP] 10.0.0.2 -> 207.136.80.19 aliased to 10.0.0.2 -> 207.136.80.19 Running trafshow -n -i vr0 confirms this behavior: From To Proto Bytes CPS 10.0.0.2 207.136.80.19 icmp 120 12 My question is: what am I doing wrong? I have tried force feeding natd my vr0 ip address, with "natd -a 161.184.x.x -u -dynamic -v", but it has the exact same results. (The real IP has, of course, been concealed with x's) I'm lost... Thanks for any help, Eric To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message