Problem about ppp -nat

Manolis Kiagias sonic2000gr at gmail.com
Sat Nov 22 23:41:42 PST 2008


Pongthep Kulkrisada wrote:
> * Manolis Kiagias (sonic2000gr at gmail.com) wrote:
>   
>> This worked fine for me, although I prefer to use pf. Here is how I
>> set up pf (adjust for your interfaces as necessary):
>>
>> My Internet interface is rl0, set up in rc.conf as:
>>
>> ifconfig_rl0="inet 192.168.0.100 netmask 255.255.255.0"
>>
>> My local interface is rl1, set up in rc.conf as:
>>
>> ifconfig_rl1="inet 192.168.1.100 netmask 255.255.255.0"
>>     
> 3. I haven't mentioned that I can't use this configuration. I have 2
> interfaces, i.e. public and private LAN. But I have only one NIC card for
> the private LAN. I don't have a NIC card for the public one. I'm using a
> 56k modem to connect to the outside world. I think I can't add
>
> ifconfig_tun0="inet 192.168.0.100 netmask 0xffffff00"
>   

You won't, of course, put this in rc.conf. However, AFAIK tun0 is *still*
a network interface and can appear in firewall rules.
So the PF method I described should work: tun0 is considered the
"external" network interface, and the rule would be:

nat pass on tun0 from rl1:network to any -> (tun0)

where rl1 would be the internal interface. Needless to say, I have no
way of testing the above as I don't have a modem.
Since obviously you want to use ipfw, I still suggest you go by the
handbook:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html

First, make sure Internet works normally on your FreeBSD host.  Then
apply the above instructions. The example in the handbook shows a line:

natd_interface="fxp0"

which in your case would be:

natd_interface="tun0"

It seems you already have these settings though, so I would review the
Handbook instructions and remove anything else from the configuration
which does not appear there. Once things are working, go back and add
firewall rules etc. Handbook instructions worked for me (with two
Ethernet cards though) "out of the box".


