NAT question
Márcio Luciano Donada
mdonada at slchapeco.org
Wed May 25 23:17:21 GMT 2005
Good Night
A'm using natd and ipfw:
#NATD
${fwcmd} add divert 8668 ip from 192.168.1.0/24 to not 192.168.1.0/24
${fwcmd} add divert 8668 ip from not 192.168.1.0/24 to 200.1.2.3
[]'s
Márcio
> george roman wrote:
> > hi,
> > i have a small privat network and i do not want to
> > give internet acces to all the users in the network.
> > for nat, i use comand
> >
> > ipfw add divert natd all from any to any via fxp0
> >
> > what would be the comand with whom i can restrict
> > acces only to certain ip addresses ?
> >
> > i tried this command
> > ipfw add divert natd all from 192.168.1.1/32 to any
> > via fxp0
> >
> > to give access to internet only to the 192.168.1.1 ip
> > but it didn't work
>
> Yes, you are preventing incoming traffic from being nat'ed.
>
> Try using two rules instead:
>
> ipfw add divert natd all from any to any in recv fxp0
> ipfw add divert natd all from 192.168.1.1/32 to any out xmit fxp0
>
> Thomas
>
>
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>
____________________________________________________
Yahoo! Mail, cada vez melhor: agora com 1GB de espaço grátis! http://mail.yahoo.com.br
More information about the freebsd-ipfw
mailing list