FreeBSD firewall, nat, kernel

David Stanford dthomas53 at gmail.com
Wed Jun 14 04:29:16 UTC 2006


On 6/14/06, Dennis Olvany <dennisolvany at gmail.com> wrote:
>
> From a fresh install, a working nat should only require a few commands.
> Kernel compilation is not necessary.


I personally don't use the NAT function in my IPFW config, and thus just
reverted to the handbook... *cough*, excuse me... bible for the information.
Though, if this is the case you should probably submit a PR to the docs team
to avoid future confusion. :)

> kldload ipfw
> kldload ipdivert
> sysctl net.inet.ip.forwarding=1
> dhclient xl0
> natd -dynamic -n xl0
> ipfw add divert natd ip from any to any via xl0
> ipfw add allow ip from any to any
> ifconfig rl0 192.168.100.253/24
>
> To make the config permanent, you just need to use the rc equivalents of
> those commands.
>
> /etc/rc.conf
>
> firewall_enable="yes"
> firewall_type="/etc/ipfw.rules"
> gateway_enable="yes"
> ifconfig_xl0="dhcp"
> ifconfig_rl0="192.168.100.253/24"
> natd_enable="yes"
> natd_interface="xl0"
>
> /etc/ipfw.rules
>
> add divert natd ip from any to any via xl0
> add allow ip from any to any

-David

-- 
[root at fbsd ~]# fortune
Happiness is just an illusion, filled with sadness and confusion.
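
The rc.conf checklist in the quoted message, as an added example that is not part of either poster's message: a POSIX shell audit that reads an rc.conf-style file and an ipfw rules file and reports which of the listed NAT gateway settings are missing. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an rc.conf-style file and an ipfw rules file for the
# NAT gateway settings listed in the quoted message. Function names are hypothetical.

# Print the last value assigned to knob $2 in file $1 (quotes stripped, first word only).
rc_get() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\)[\"']\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# rc.subr's checkyesno accepts yes/true/on/1 in any letter case.
is_yes() {
    case "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" in
        yes|true|on|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one line per problem; return 0 only if nothing is missing.
check_nat_gateway() {
    rc=$1 rules=$2 bad=0
    for knob in firewall_enable gateway_enable natd_enable; do
        is_yes "$(rc_get "$rc" "$knob")" || { echo "MISSING $knob"; bad=1; }
    done
    ifc=$(rc_get "$rc" natd_interface)
    [ -n "$ifc" ] || { echo "MISSING natd_interface"; bad=1; }
    # The divert rule must name the same interface natd is bound to.
    if [ -n "$ifc" ] && ! grep -Eq "^[[:space:]]*add[[:space:]].*divert[[:space:]]+natd[[:space:]].*via[[:space:]]+$ifc([[:space:]]|\$)" "$rules"; then
        echo "MISSING divert natd rule via $ifc"; bad=1
    fi
    return $bad
}

# Constructed sample input: the config from the message with gateway_enable left out.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' 'firewall_enable="yes"' 'firewall_type="/etc/ipfw.rules"' \
        'natd_enable="yes"' 'natd_interface="xl0"' > "$d/rc.conf"
    printf '%s\n' 'add divert natd ip from any to any via xl0' \
        'add allow ip from any to any' > "$d/ipfw.rules"
    check_nat_gateway "$d/rc.conf" "$d/ipfw.rules"; st=$?
    rm -rf "$d"
    return $st
}
demo || true
```

On a real host the call would be `check_nat_gateway /etc/rc.conf /etc/ipfw.rules`.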

