DNAT in freebsd

Sami Halabi sodynet1 at gmail.com
Sun Jun 30 05:15:58 UTC 2013


Any buyers? :)
I need your kind help on this...

Sami
On 29 Jun 2013 09:50, "Sami Halabi" <sodynet1 at gmail.com> wrote:

> I think I was misunderstood...
> Here is the situation I want to handle:
> My box is a router that handles several /24s behind.
> One of my links (em0) is connected to a private network; 192.168.0.1 is me,
> my neighbour is 192.168.0.2.
> I want to make any connection that comes to 192.168.0.1 go to IP
> 193.xxx.yyy.2 using the specific public IP 84.xx.yy.1.
> And packets coming to my public IP 84.xx.yy.1 to be translated as if they came
> from 192.168.0.1 and sent to 192.168.0.2 or any other IPs
> behind (192.168.1.xx/24).
>
> Hope that makes it clearer, and I appreciate any help.
>
> Sami
> On 29 Jun 2013 03:30, "Paul A. Procacci" <pprocacci at datapipe.com> wrote:
>
>> > Hi, (sorry for sending again, the last email was with the wrong subject)
>> > I would like to perform a full DNAT/SNAT as in iptables in:
>> > linux-ip.net/html/nat-dnat.html
>> > How can it be done in fbsd? I use ipfw.
>> >
>> > I searched the natd man page but it's translation, and the proxy_rule is for
>> > a specific port, not whole transparency.
>> >
>>
>> Using in-kernel nat is probably a better choice IMHO.
>>
>> read `man ipfw(8)`
>>
>> The section labeled EXAMPLES has exactly what you need.
>> Here is a snippet from the manpage to get you started:
>>
>> -------------------------------
>> <!--snip-->
>>
>> Then to configure nat instance 123 to alias all the outgoing traffic with
>> ip 192.168.0.123, blocking all incoming connections, trying to keep same
>> ports on both sides, clearing aliasing table on address change and keeping
>> a log of traffic/link statistics:
>>
>>     ipfw nat 123 config ip 192.168.0.123 log deny_in reset same_ports
>>
>> <!--snip-->
>>
>>            ipfw nat 123 config redirect_addr 10.0.0.1 10.0.0.66
>>                            redirect_port tcp 192.168.0.1:80 500
>>                            redirect_proto udp 192.168.1.43 192.168.1.1
>>                            redirect_addr 192.168.0.10,192.168.0.11
>>                                    10.0.0.100 # LSNAT
>>                            redirect_port tcp 192.168.0.1:80,192.168.0.10:22
>>                                    500        # LSNAT
>>
>> <!--snip-->
>> -------------------------------
>>
>>
>> ~Paul

