[Fwd: Re: natd -redirect_address]

Steve Bertrand iaccounts at ibctech.ca
Thu Aug 5 08:47:57 PDT 2004 

OP forgot to Cc: list...

thank you so much.  I found that for some reason natd was not loading
at boot so I typed this ipfw -f flush
ipfw add divert natd all from any to any via xl0
ipfw add pass all from any to any
natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203
and it works like a dream

Steve Bertrand <iaccounts at ibctech.ca> wrote:
>> Hello all,
>>
>> I am probably missing something really stupid but here it goes. I've
>> read the man pages, the handbook and even googled the problem to no
avail.
>>
>> I am trying to set up natd to redirect public ips to my private
addresses.
>>
>> This is what I have set up in rc.conf
>>
>> defaultrouter="24.97.250.201"
>> gateway_enable="YES"
>> hostname="gir.visionpayments.net"
>> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0"
>> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248"
>> linux_enable="YES"
>> sshd_enable="YES"
>> usbd_enable="YES"
>> firewall_enabled="YES"
>> firewall_type="OPEN"
>> natd_enabled="YES"
>> natd_interface="xl0"
>> natd_flags="-f /etc/natd.conf"
>>
>> This is what I have in natd.conf
>>
>> redirect_address 192.168.0.10 24.97.250.203
>>
>>>From what I read in the man pages and handbook this should be all I
>>> need, however, I cannot even ping 24.97.250.203. So I typed in
>>
>> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>>
>> and got
>>
>> natd: aliasing address not given
>>
>> So I added
>>
>> ifconfig_xl0_alias0 "inet 24.97.250.203"
>>
>> to rc.conf and now I am able to ping that public addy but it is
doesn't seem to be redirecting me to 192.168.0.10. So I typed in
-bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>> again to see what was happens and got

>> natd: aliasing address not given

Oh, and to further... when using -redirect_address as above, you must
supply the -i (-interface) or an -alias_address statement. Try this:

# natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0

or this:

# natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0

Cheers,

Steve

>> again. am I just being a dumb n00b? wtf am I doing wrong?
>>
>
> First off, have you confirmed natd to be functional? Can the
internal machines get out to the net?
>
> At what point of your firewall ruleset are you diverting to natd?
>
> Have you tried this:
>
> redirect_address 192.168.0.10 0.0.0.0
>
> to see if incoming traffic destined to any public IP gets redirected?
>
> Steve
>
>>
>>
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> New and Improved Yahoo! Mail - 100MB free storage!
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe at freebsd.org"
>>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>


_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"


---------------------------------
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
-------------- next part --------------

   thank you so much.  I found that for some reason natd was not loading
   at boot so I typed this

   ipfw -f flush

   ipfw add divert natd all from any to any via xl0

   ipfw add pass all from any to any

   natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203

   and it works like a dream
   Steve Bertrand <iaccounts at ibctech.ca> wrote:

     >> Hello all,
     >>
     >> I am probably missing something really stupid but here it goes.
     >> I've
     >> read the man pages, the handbook and even googled the problem to
     no
     >> avail.
     >>
     >> I am trying to set up natd to redirect public ips to my private
     >> addresses.
     >>
     >> This is what I have set up in rc.conf
     >>
     >> defaultrouter="24.97.250.201"
     >> gateway_enable="YES"
     >> hostname="gir.visionpayments.net"
     >> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0"
     >> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248"
     >> linux_enable="YES"
     >> sshd_enable="YES"
     >> usbd_enable="YES"
     >> firewall_enabled="YES"
     >> firewall_type="OPEN"
     >> natd_enabled="YES"
     >> natd_interface="xl0"
     >> natd_flags="-f /etc/natd.conf"
     >>
     >> This is what I have in natd.conf
     >>
     >> redirect_address 192.168.0.10 24.97.250.203
     >>
     >>>From what I read in the man pages and handbook this should be
     all I
     >>> need, however, I cannot even ping 24.97.250.203. So I typed in
     >>
     >> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
     >>
     >> and got
     >>
     >> natd: aliasing address not given
     >>
     >> So I added
     >>
     >> ifconfig_xl0_alias0 "inet 24.97.250.203"
     >>
     >> to rc.conf and now I am able to ping that public addy but it is
     >> doesn't seem to be redirecting me to 192.168.0.10. So I typed in
     >> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
     >> again to see what was happens and got
     >> natd: aliasing address not given
     Oh, and to further... when using -redirect_address as above, you
     must
     supply the -i (-interface) or an -alias_address statement. Try
     this:
     # natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0
     or this:
     # natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0
     Cheers,
     Steve
     >> again. am I just being a dumb n00b? wtf am I doing wrong?
     >>
     >
     > First off, have you confirmed natd to be functional? Can the
     internal
     > machines get out to the net?
     >
     > At what point of your firewall ruleset are you diverting to natd?
     >
     > Have you tried this:
     >
     > redirect_address 192.168.0.10 0.0.0.0
     >
     > to see if incoming traffic destined to any public IP gets
     redirected?
     >
     > Steve
     >
     >>
     >>
     >>
     >>
     >> ---------------------------------
     >> Do you Yahoo!?
     >> New and Improved Yahoo! Mail - 100MB free storage!
     >> _______________________________________________
     >> freebsd-questions at freebsd.org mailing list
     >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
     >> To unsubscribe, send any mail to
     >> "freebsd-questions-unsubscribe at freebsd.org"
     >>
     >
     >
     > _______________________________________________
     > freebsd-questions at freebsd.org mailing list
     > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
     > To unsubscribe, send any mail to
     > "freebsd-questions-unsubscribe at freebsd.org"
     >
     _______________________________________________
     freebsd-questions at freebsd.org mailing list
     http://lists.freebsd.org/mailman/listinfo/freebsd-questions
     To unsubscribe, send any mail to
     "freebsd-questions-unsubscribe at freebsd.org"
     _________________________________________________________________

   Do you Yahoo!?
   [1]New and Improved Yahoo! Mail - Send 10MB messages!

References

   1. http://us.rd.yahoo.com/mail_us/taglines/10/*http://promotions.yahoo.com/new_mail/static/efficiency.html

More information about the freebsd-questions mailing list