NAT question

[Konstantin Kulikov]

Hello.

ipfw nat 1 config ip 1.2.3.4
ipfw nat 2 config ip 1.2.3.5
ipfw nat 3 config ip 1.2.3.6
ipfw add nat 1 ip from 4.5.6.7/32 to any out via $ext
ipfw add nat 2 ip from 4.5.6.0/24 to any out via $ext
ipfw add nat 3 ip from 8.9.0.0/24 to any out via $ext
ipfw add nat 1 ip from any to 1.2.3.4 in via $ext
ipfw add nat 2 ip from any to 1.2.3.5 in via $ext
ipfw add nat 3 ip from any to 1.2.3.6 in via $ext

Should work (untested though).
As for your dnat questing I think you want redirect_addr nat option.

On Sat, Feb 21, 2015 at 5:08 AM, Mason Loring Bliss <mason at blisses.org> wrote:
> Hi all.
>
> With iptables, I can say something like:
>
> -t nat -A POSTROUTING -o eth0 -s 4.5.6.7/32 -d 0/0 -j SNAT --to-source 1.2.3.4
> -t nat -A POSTROUTING -o eth0 -s 4.5.6.0/24 -d 0/0 -j SNAT --to-source 1.2.3.5
> -t nat -A POSTROUTING -o eth0 -s 8.9.0.0/24 -d 0/0 -j SNAT --to-source 1.2.3.6
>
> So, traffic going out from 4.5.6.7 goes into the world sourced from 1.2.3.4,
> whereas the rest of 4.5.6/24 goes as 1.2.3.5, and all of 8.9.0/24 comes out
> from 1.2.3.6.
>
> I don't see how to do this with IPFW. I assume there's some way to do it with
> the GENERIC kernel, so I'm assuming natd is deprecated, as it requires a
> custom kernel, as far as I can see.
>
> How do I accomplish this with IPFW? Or do I need to use PF for this? Or are
> those independent of the NAT after all and I want to use something else? If
> that's the case, does it require natd and a custom kernel, or is there
> something that works with a GENERIC kernel? (This will be 10.1, FWIW.)
>
> Thanks.
>
> --
> Love is a snowmobile racing across the tundra and then suddenly it
> flips over, pinning you underneath. At night, the ice weasels come.
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"