From owner-freebsd-questions  Mon Apr 26 15:59:23 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32])
	by hub.freebsd.org (Postfix) with ESMTP id 3095F153E6
	for <freebsd-questions@FreeBSD.ORG>; Mon, 26 Apr 1999 15:59:15 -0700 (PDT)
	(envelope-from dwhite@resnet.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by resnet.uoregon.edu (8.8.8/8.8.8) with ESMTP id PAA03344;
          Mon, 26 Apr 1999 15:59:13 -0700 (PDT)
          (envelope-from dwhite@resnet.uoregon.edu)
Date: Mon, 26 Apr 1999 15:59:12 -0700 (PDT)
From: Doug White <dwhite@resnet.uoregon.edu>
To: "Eric D. Fehr" <fehr@idirect.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: NATD question (isn't NATing)
In-Reply-To: <Pine.BSF.4.10.9904242049200.82962-100000@proteus.idirect.com>
Message-ID: <Pine.BSF.4.03.9904261556330.6951-100000@resnet.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 24 Apr 1999, Eric D. Fehr wrote:

> I've been strugling with getting NATD working on an ADSL connection for a
> while now, and decided to seek the insight of others.  I can't get it to
> translate the source address on outbound packets.
> 
> My FreeBSD 3.1 box (a nice, shinny new PIII-500) has two NICs installed,
> one (vr0, curent IP 161.184.x.x) connected to a Cisco 675e for the ADSL
> connection, and the other (fxp0, 10.0.0.1) connected to my internal
> network.  The IP given for vr0 it attained using dhcpc, and has a lease
> interval of 12 hours.
> 
> My rc.firewall config is:
> 
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via fxp0
> /sbin/ipfw add pass all from any to any             

I suggest using the stock rc.firewall and the provided hooks in rc.conf
for enabling natd.  

> I am launching natd with the following args to test it:
> 
> natd -interface vr0 -u -dynamic -v

I run this with short arguments, but it should be ok.

> On the local network (connected via fxp0), I have a win98 system
> (10.0.0.2, gateway 10.0.0.1) with a ping running of a remote system
> (207.136.80.19).
> 
> Here is the weird part:  The ping is registered as going out with an IP
> source of 10.0.0.2.  It is never having the source address translated.
> Here is a log from natd:
> 
> In [ICMP] 10.0.0.2 -> 207.136.80.19 aliased to
>           10.0.0.2 -> 207.136.80.19

It doesn't seem to think 10.0.0.2 is an internal network.  Try taking the
-u option off.  Can i see the output of 'ifconfig vr0'?

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message