DNAT in freebsd

Paul A. Procacci pprocacci at datapipe.com
Sat Jun 29 00:30:56 UTC 2013


> Hi, (sorry for sending again, the last email was with the wrong subject)
> I would like to perform a full dnat/snat as in iptables in:
> linux-ip.net/html/nat-dnat.html
> How can it be done in fbsd? I use ipfw.
>
> I searched the natd man page, but it's translation, and the proxy_rule is for
> a specific port, not a whole transparency.
>

Using in-kernel nat is probably a better choice IMHO.

Read `man ipfw(8)`.

The section labeled EXAMPLES has exactly what you need.
Here is a snippet from the manpage to get you started:

-------------------------------
<!--snip-->

Then to configure nat instance 123 to alias all the outgoing traffic with
ip 192.168.0.123, blocking all incoming connections, trying to keep same
ports on both sides, clearing aliasing table on address change and keep-
ing a log of traffic/link statistics:

    ipfw nat 123 config ip 192.168.0.123 log deny_in reset same_ports

<!--snip-->

    ipfw nat 123 config redirect_addr 10.0.0.1 10.0.0.66
                    redirect_port tcp 192.168.0.1:80 500
                    redirect_proto udp 192.168.1.43 192.168.1.1
                    redirect_addr 192.168.0.10,192.168.0.11
                            10.0.0.100 # LSNAT
                    redirect_port tcp 192.168.0.1:80,192.168.0.10:22
                            500        # LSNAT

<!--snip-->
-------------------------------


~Paul
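
Added example, not part of the original message or of the ipfw manpage: a small sh generator that prints (without executing) in-kernel NAT commands for whole-address 1:1 mappings, using the `redirect_addr` keyword from the snippet above. The interface name `em0`, rule number 100, the choice of `if` over `ip`, and the sample addresses are assumptions; in-kernel NAT also needs the ipfw_nat module loaded or a kernel built with IPFIREWALL_NAT.

```shell
#!/bin/sh
# Added example: prints ipfw commands for 1:1 static NAT; it runs nothing itself.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_static_nat INSTANCE IFACE LOCAL:PUBLIC [LOCAL:PUBLIC ...]
# Inputs are validated so that nothing unexpected ends up in the
# generated command lines.
gen_static_nat() {
    [ $# -ge 3 ] || { echo "usage: gen_static_nat N IFACE LOCAL:PUBLIC..." >&2; return 2; }
    inst=$1; iface=$2; shift 2
    case "$inst" in ''|*[!0-9]*) echo "bad instance: $inst" >&2; return 1 ;; esac
    case "$iface" in ''|*[!A-Za-z0-9_.]*) echo "bad interface: $iface" >&2; return 1 ;; esac
    cfg="ipfw nat $inst config if $iface same_ports reset"
    for pair in "$@"; do
        case "$pair" in *:*) ;; *) echo "bad mapping: $pair" >&2; return 1 ;; esac
        lan=${pair%%:*}; pub=${pair#*:}
        if ! valid_ipv4 "$lan" || ! valid_ipv4 "$pub"; then
            echo "bad mapping: $pair" >&2; return 1
        fi
        # redirect_addr takes the local address first, then the public one
        cfg="$cfg redirect_addr $lan $pub"
    done
    echo "$cfg"
    # Pass all traffic crossing the external interface through the instance
    echo "ipfw add 100 nat $inst ip from any to any via $iface"
}

# Constructed sample mappings (RFC 5737 documentation range as public side).
gen_static_nat 123 em0 10.0.0.1:203.0.113.66 10.0.0.2:203.0.113.67
```

Review the printed commands before applying them, and place the `nat` rule ahead of any rule that would accept or deny the same traffic first.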
