[Fwd: Re: natd -redirect_address]
Steve Bertrand
iaccounts at ibctech.ca
Thu Aug 5 08:47:57 PDT 2004
OP forgot to Cc: list...
thank you so much. I found that for some reason natd was not loading
at boot so I typed this ipfw -f flush
ipfw add divert natd all from any to any via xl0
ipfw add pass all from any to any
natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203
and it works like a dream
Steve Bertrand <iaccounts at ibctech.ca> wrote:
>> Hello all,
>>
>> I am probably missing something really stupid but here it goes. I've
>> read the man pages, the handbook and even googled the problem to no
avail.
>>
>> I am trying to set up natd to redirect public ips to my private
addresses.
>>
>> This is what I have set up in rc.conf
>>
>> defaultrouter="24.97.250.201"
>> gateway_enable="YES"
>> hostname="gir.visionpayments.net"
>> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0"
>> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248"
>> linux_enable="YES"
>> sshd_enable="YES"
>> usbd_enable="YES"
>> firewall_enabled="YES"
>> firewall_type="OPEN"
>> natd_enabled="YES"
>> natd_interface="xl0"
>> natd_flags="-f /etc/natd.conf"
>>
>> This is what I have in natd.conf
>>
>> redirect_address 192.168.0.10 24.97.250.203
>>
>>>From what I read in the man pages and handbook this should be all I
>>> need, however, I cannot even ping 24.97.250.203. So I typed in
>>
>> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>>
>> and got
>>
>> natd: aliasing address not given
>>
>> So I added
>>
>> ifconfig_xl0_alias0 "inet 24.97.250.203"
>>
>> to rc.conf and now I am able to ping that public addy but it is
doesn't seem to be redirecting me to 192.168.0.10. So I typed in
-bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>> again to see what was happens and got
>> natd: aliasing address not given
Oh, and to further... when using -redirect_address as above, you must
supply the -i (-interface) or an -alias_address statement. Try this:
# natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0
or this:
# natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0
Cheers,
Steve
>> again. am I just being a dumb n00b? wtf am I doing wrong?
>>
>
> First off, have you confirmed natd to be functional? Can the
internal machines get out to the net?
>
> At what point of your firewall ruleset are you diverting to natd?
>
> Have you tried this:
>
> redirect_address 192.168.0.10 0.0.0.0
>
> to see if incoming traffic destined to any public IP gets redirected?
>
> Steve
>
>>
>>
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> New and Improved Yahoo! Mail - 100MB free storage!
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe at freebsd.org"
>>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
---------------------------------
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
-------------- next part --------------
thank you so much. I found that for some reason natd was not loading
at boot so I typed this
ipfw -f flush
ipfw add divert natd all from any to any via xl0
ipfw add pass all from any to any
natd -n xl0 -redirect_address 192.168.0.10 24.97.250.203
and it works like a dream
Steve Bertrand <iaccounts at ibctech.ca> wrote:
>> Hello all,
>>
>> I am probably missing something really stupid but here it goes.
>> I've
>> read the man pages, the handbook and even googled the problem to
no
>> avail.
>>
>> I am trying to set up natd to redirect public ips to my private
>> addresses.
>>
>> This is what I have set up in rc.conf
>>
>> defaultrouter="24.97.250.201"
>> gateway_enable="YES"
>> hostname="gir.visionpayments.net"
>> ifconfig_rl0="inet 192.168.0.13 netmask 255.255.255.0"
>> ifconfig_xl0="inet 24.97.250.202 netmask 255.255.255.248"
>> linux_enable="YES"
>> sshd_enable="YES"
>> usbd_enable="YES"
>> firewall_enabled="YES"
>> firewall_type="OPEN"
>> natd_enabled="YES"
>> natd_interface="xl0"
>> natd_flags="-f /etc/natd.conf"
>>
>> This is what I have in natd.conf
>>
>> redirect_address 192.168.0.10 24.97.250.203
>>
>>>From what I read in the man pages and handbook this should be
all I
>>> need, however, I cannot even ping 24.97.250.203. So I typed in
>>
>> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>>
>> and got
>>
>> natd: aliasing address not given
>>
>> So I added
>>
>> ifconfig_xl0_alias0 "inet 24.97.250.203"
>>
>> to rc.conf and now I am able to ping that public addy but it is
>> doesn't seem to be redirecting me to 192.168.0.10. So I typed in
>> -bash-2.05b$ natd -redirect_address 192.168.0.10 24.97.250.203
>> again to see what was happens and got
>> natd: aliasing address not given
Oh, and to further... when using -redirect_address as above, you
must
supply the -i (-interface) or an -alias_address statement. Try
this:
# natd -i rl0 -redirect_address 192.168.0.10 0.0.0.0
or this:
# natd -a 24.97.250.203 -redirect_address 192.168.0.10 0.0.0.0
Cheers,
Steve
>> again. am I just being a dumb n00b? wtf am I doing wrong?
>>
>
> First off, have you confirmed natd to be functional? Can the
internal
> machines get out to the net?
>
> At what point of your firewall ruleset are you diverting to natd?
>
> Have you tried this:
>
> redirect_address 192.168.0.10 0.0.0.0
>
> to see if incoming traffic destined to any public IP gets
redirected?
>
> Steve
>
>>
>>
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> New and Improved Yahoo! Mail - 100MB free storage!
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe at freebsd.org"
>>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
_________________________________________________________________
Do you Yahoo!?
[1]New and Improved Yahoo! Mail - Send 10MB messages!
References
1. http://us.rd.yahoo.com/mail_us/taglines/10/*http://promotions.yahoo.com/new_mail/static/efficiency.html
More information about the freebsd-questions
mailing list