fbsd8 at a1poweruser.com
Wed Aug 13 19:32:19 UTC 2014
Adam Vande More wrote:
> On Wed, Aug 13, 2014 at 11:48 AM, Luciano Mannucci <luciano at vespaperitivo.it
>> Hello, I'm still migrating machines from linux to FreeBSD. I'm wondering if
>> my translation from this iptables linux rule
>> iptables -t nat -A POSTROUTING -s 192.168.7.234/32 -d 172.16.1.0/24 -o
>> eth1 -j
>> (which means moreless if Mr 192.168.7.234 wherever he comes fom passes
>> through our eth1 interface to go to 172.16.1 network should get our
>> eth1 address instead of his)
>> is moreless correctly translated in FreeBSD ipnat rules as
>> map em0 192.168.7.234/32 -> 0/32
>> or I'm missing something?
> You might want to use a more integrated and supported FW such as IPFW or PF
> to do NAT.
Disregard that last post. ipfilter was updated to the current version 5
in RELEASE 10.0 and I think also for 9.3. Been using ipfilter since
RELEASE 4.0 without any problems. Its rock hard and easy to use.
map = The keyword map starts the rule.
em0 = The interface name of the interface facing the public Internet.
192.168.7.234/32 = The IP address range of the private LAN.
-> = Mandatory arrow symbol.
0.32 = The IP address/netmask assigned by your ISP.
The special alias keyword 0.32 tells ipnat to get the current
IP address of the interface specified on this statement and
substitute it for the 0.32 keyword.
More information about the freebsd-questions