Date: Thu, 29 Jan 1998 08:47:39 +0000 From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> To: Brian Somers <brian@Awfulhak.org> Cc: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>, freebsd-questions@FreeBSD.ORG, chrisa@commlet.com Subject: Re: natd/libalias question Message-ID: <19980129084739.25989@gil.physik.rwth-aachen.de> In-Reply-To: <199801282028.UAA09534@awfulhak.org>; from Brian Somers on Wed, Jan 28, 1998 at 08:28:49PM %2B0000 References: <19980128090647.59235@gil.physik.rwth-aachen.de> <199801282028.UAA09534@awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 28, 1998 at 08:28:49PM +0000, Brian Somers wrote: > [.....] > > Sorry, it's a while back but I found this in the questions list while > > seeking for tips to set up my natd/ipfw. > > > > What do you mean by quoting? Where in the man page is this said? Just for completeness (since you didn't pick up on the above question): Did you mean quoting the ':' constructs (if there were any)? Otherwise the cited line ..-redirect_address localIP publicIP wouldn't require quoting. > > > > I'm desparately trying to establish natd/ipfw on my local network > > with one gateway machine to the internet. > > > > | > > ISDN (bisdn) > > | > > | > > 137.226.123.27 > > | > > FreeBSD BOX (gateway) > > ipi0: flags=2851<UP,POINTOPOINT,RUNNING,SIMPLEX,LINK1> mtu 1500 > > inet 137.226.123.27 --> 137.226.123.1 netmask 0xffffffff > > | > > le0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > > inet 192.168.1.119 netmask 0xffffff00 broadcast 192.168.1.255 > > ether 08:00:b9:34:c6:e8 > > | > > 192.168.1.119 > > | > > ----------+-----------------------+----------------+------------- > > | | > > 192.168.1.114 > > (inside) > > > > I only have one official IP address. I want to set up natd/ipfw > > such that I can go out from the inside machine (192.168.1.114) > > to the outside world. From the few I understand about natd this is > > possible. > > > > But how do I set it up. > > This is my present /etc/rc.firewall: > > /sbin/ipfw -f flush > > ##/sbin/ipfw add divert natd all from any to any via le0 > > ##/sbin/ipfw add divert natd all from 192.168.1.114 to 192.168.1.119 via le0 > > ##/sbin/ipfw add divert natd all from 192.168.1.119 to 137.226.145.27 via ipi0 > > /sbin/ipfw add pass all from any to any > > > > You see my desparate signs of experimenting. > > You need `ipfw add divert natd all from any to any via ipi0', and > `natd -n ipi0'. I'm about to make this clearer in the man page :-) > > > Routing info on the gateway: > > > > isdn-kukulies# netstat -rn > > Routing tables > > > > Internet: > > Destination Gateway Flags Refs Use Netif Expire > > default 137.226.123.1 UGSc 3 1725 ipi0 > > 127.0.0.1 127.0.0.1 UH 0 0 lo0 > > 137.226.123.1 137.226.123.27 UH 2 11 ipi0 > > 192.168.0.1 192.168.1.119 UH 0 0 ipi1 > > 192.168.0.4 192.168.1.119 UGHS 0 0 ipi0 > > 192.168.1 link#1 UC 0 0 > > 192.168.1.114 0:0:c0:47:c5:a1 UHLW 1 1073 le0 157 > > 192.168.1.119 8:0:b9:34:c6:e8 UHLW 0 6 lo0 > > 192.168.1.217 0:e0:29:b:7e:4a UHLW 0 1 le0 655 > > > > AppleTalk: > > Destination Gateway Flags Refs Use Netif Expire > > > > > > > > > > > Chris Aubuchon > > > > chrisa@commlet.com > > > > > > > > > > -- > > > Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org> > > > <http://www.Awfulhak.org>; > > > Don't _EVER_ lose your sense of humour.... > > > > > -- > > Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de > > -- > Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org> > <http://www.Awfulhak.org>; > Don't _EVER_ lose your sense of humour.... > -- --Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980129084739.25989>