IPFW + NATD
Micheal Patterson
micheal at cancercare.net
Sun Jul 13 09:53:17 PDT 2003
----- Original Message -----
From: "Vitor de Matos Carvalho" <listas at softinfo.com.br>
To: <freebsd-questions at freebsd.org>
Sent: Sunday, July 13, 2003 7:18 AM
Subject: IPFW + NATD
> Hi,
>
> I have two networks: 10.1.0.0/16 and 10.2.0.0/16
>
> I need to do NAT for only one network, 10.2.0.0/16. Network 10.1.0.0/16 does not have external access.
> How do I configure ipfw + natd so that this is possible?
> My exit interface is xl0, the interface of network 10.1.0.0/16 is xl1, and the interface of network 10.2.0.0/16 is xl2.
> How do I configure ipfw using natd to do NAT only for net 10.2.0.0/16?
>
>
>
> Regards,
>
> ---------------------------------------------------
> Vitor de Matos Carvalho - #5602098
> Softinfo Network Administrator
> +55 (71)9971-5011 / +55 (71)9986-9317
> Salvador - Bahia - Brazil
> FreeBSD: The silent Workhorse
I would think it would be something like this:
# Divert all outbound traffic through nat
#
ipfw add 1 divert natd all from any to any via xl0
#
### Allow traffic from <> to internal networks
#
ipfw add 2 allow ip from 10.1.0.0/16 to 10.2.0.0/16
ipfw add 2 allow ip from 10.2.0.0/16 to 10.1.0.0/16
#
### Deny 10.1.0.0/16 traffic to anyone else
#
ipfw add 4 deny ip from 10.1.0.0/16 to any
#
### Rest of firewall rules
#
--
Micheal Patterson
Network Administration
Cancer Care Network
405-733-2230
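
Added example (not part of the original reply): a small Python model of the four rules above, used to check which internal flows end up NATed or dropped. It assumes a forwarded packet gets an inbound and an outbound first-match pass, that natd rewrites the source and processing resumes at the next rule, and it models only packets sent by internal hosts; NAT_ADDR, the sample addresses and the `default` parameter (standing in for the unspecified rest of the rules) are constructed.

```python
import ipaddress

# Rules from the reply, in order: (number, action, src, dst, via-interface or None)
RULES = [
    (1, "divert", "any", "any", "xl0"),
    (2, "allow", "10.1.0.0/16", "10.2.0.0/16", None),
    (2, "allow", "10.2.0.0/16", "10.1.0.0/16", None),
    (4, "deny", "10.1.0.0/16", "any", None),
]
NAT_ADDR = "203.0.113.1"  # constructed stand-in for the public address on xl0

def matches(addr, net):
    return net == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def iface_for(addr):
    """Interface layout from the question: xl1 = 10.1/16, xl2 = 10.2/16, xl0 = outside."""
    if matches(addr, "10.1.0.0/16"):
        return "xl1"
    return "xl2" if matches(addr, "10.2.0.0/16") else "xl0"

def one_pass(rules, src, dst, iface, default):
    """One first-match pass on iface; returns (verdict, source after natd, natted)."""
    natted = False
    for _num, action, rsrc, rdst, via in rules:
        if via not in (None, iface) or not (matches(src, rsrc) and matches(dst, rdst)):
            continue
        if action != "divert":
            return action, src, natted
        # Assumed natd behaviour: rewrite the source, resume at the next rule.
        src, natted = NAT_ADDR, True
    return default, src, natted

def forward(src, dst, default="allow", rules=RULES):
    """Inbound pass on the receiving interface, then outbound pass on the egress one.
    `default` stands in for the "rest of firewall rules" left open in the reply."""
    natted = False
    for iface in (iface_for(src), iface_for(dst)):
        verdict, src, hit = one_pass(rules, src, dst, iface, default)
        natted = natted or hit
        if verdict == "deny":
            return "deny", natted
    return "allow", natted

if __name__ == "__main__":
    for s, d in [("10.2.0.5", "198.51.100.7"), ("10.1.0.5", "198.51.100.7"),
                 ("10.1.0.5", "10.2.0.9")]:
        print(s, "->", d, forward(s, d))
```

With default="deny" the 10.2.0.0/16 flow is dropped on its inbound pass, so the remaining rules have to pass that network explicitly. Without rule 4, 10.1.0.0/16 traffic would reach the divert rule and be NATed as well.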