Date: Thu, 28 Sep 2000 22:17:23 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Mike Nowlin <mike@argos.org> Cc: Chuck Rock <carock@epctech.com>, "'Freebsd-Ipfw" <freebsd-ipfw@FreeBSD.ORG> Subject: Re: nat ipfw and multiple IP's on interface.... Message-ID: <20000928221723.O81242@149.211.6.64.reflexcom.com> In-Reply-To: <Pine.LNX.4.21.0009290024400.16845-100000@jason.argos.org>; from mike@argos.org on Fri, Sep 29, 2000 at 12:31:25AM -0400 References: <20000928192405.I81242@149.211.6.64.reflexcom.com> <Pine.LNX.4.21.0009290024400.16845-100000@jason.argos.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Sep 29, 2000 at 12:31:25AM -0400, Mike Nowlin wrote: > On Thu, 28 Sep 2000, Crist J . Clark wrote: > > > On Thu, Sep 28, 2000 at 12:04:18PM -0500, Chuck Rock wrote: > > > I have my public interface with several IP's, and I would like to specify > > > which NAT internal IP uses which public IP on the external interface for out > > > bound traffic. > > > > > > Is this possible? > > > > Could you try to rephrase what you want to do. I get a unrecoverable > > parser error when I try to read that sentence. I understand everything > > up to the 'and.' From there, things get a little hairy. > > I'll take a stab at it... > > Methinks he means "I would like to specify which of my public IPs are > selected to act on behalf of NAT, dependant on which private-network > machine is asking NAT to do it's thing." > > example: > public IPs = 1.1.1.1, 1.1.1.2, 1.1.1.3, 1.1.1.4 > > private = 10.2.2.0/24 > > machine 10.2.2.17 should have it's NAT traffic run through 1.1.1.2 > machine 10.2.2.29 should have it's NAT traffic run through 1.1.1.4 > ...etc. > > I haven't looked at this recently, but I'm guessing you can do it through > running several copies of natd (one for each public IP) that are each > listening on a different port number, and some fancy ipfw divert rules... > Just listen for requests from each internal IP and divert the packets to > the appropriate copy of natd. Nah. If that's an accurate translation, all he needs to do is, # cat /etc/natd.conf redirect_address 10.2.2.17 1.1.1.2 redirect_address 10.2.2.29 1.1.1.4 ... -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000928221723.O81242>