IPFW + NATD
David S. Madole
david at madole.net
Wed May 10 14:03:29 UTC 2006
marcel245 at mweb.co.za wrote:
> Now i =ave tried the likes of "ipfw add divert natd all from
> 10.150.200.= 35 to 196.25.211.150 via tun0"
> And that does not work. Ive tried many examples. And cannot come right
That is fine, but you need to make sure the packets for both directions
of the connections go through natd.
Without seeing your entire set of ipfw rules and configuration, I can't
suggest exactly what to do, but remember the outgoing packets will match
addresses before NAT (on the inside of natd) and the incoming will match
after NAT (on the outside of natd).
Assuming that 1.2.3.4 is the address you are NATing to, something
similar to this should work:
00001 divert natd ip from 10.150.200.5 to 196.25.211.150 xmit via tun0
00002 divert natd ip from any to 1.2.3.4 recv via tun0
Adjust to suit your own configuration.
David
More information about the freebsd-hackers
mailing list