Simple NAT

Polytropon freebsd at edvax.de
Mon Jan 26 20:37:08 UTC 2015


On Mon, 26 Jan 2015 16:45:16 +0100, Luciano Mannucci wrote:
> I have a FreeBSD machine (FreeBSD troika 10.1-RELEASE FreeBSD 10.1-RELEASE #0
> r274401) with OpenVPN that works like a charm :-)...
> I wish to NAT one and only one of my OpenVPN clients, possibly for a
> single destination. What's the better way to avoid disturbing the rest
> of the operations?
> Any clues?
> Is IPFW my friend?

Yes, that should work. In /etc/rc.conf, set

	natd_enable="YES"
	natd_interface="xl0"

where "xl0" is the "outer" interface.

In your custom /etc/ipfw.conf, add the rule

	add divert natd ip from any to any via xl0

and refine the "from any to any" part to reflect the
IP addresses (and maybe specific ports) for the connection
you want to translate, so the rule will only allow for
that _one_ destination you want to enable.


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
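
As an added example (not part of the original reply): a small sh helper that prints the two narrowed divert lines for /etc/ipfw.conf, one for the client's outbound packets and one for the destination's replies. The client address 10.8.0.6, the destination 203.0.113.10 and the rule number 500 are constructed placeholders; xl0 is the interface named above.

```sh
#!/bin/sh
# Added example: print ipfw.conf lines that send only ONE VPN client's
# traffic to ONE destination through natd. Addresses below are constructed.

# is_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
is_ipv4() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest="$1." count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        # Reject leading zeros: some parsers would read them as octal.
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# nat_rules CLIENT DST IFACE [RULENUM]: print the two divert rules.
nat_rules() {
    client=$1 dst=$2 iface=$3 num=${4:-500}
    is_ipv4 "$client" && is_ipv4 "$dst" ||
        { echo "nat_rules: need two IPv4 addresses" >&2; return 2; }
    case "$iface" in ""|*[!A-Za-z0-9_]*)
        echo "nat_rules: bad interface name" >&2; return 2 ;;
    esac
    case "$num" in ""|0*|*[!0-9]*|??????*)
        echo "nat_rules: bad rule number" >&2; return 2 ;;
    esac
    [ "$num" -lt 65534 ] ||
        { echo "nat_rules: rule number too high" >&2; return 2; }
    # Outbound: only packets from the one client to the one destination
    # are handed to natd for source translation.
    echo "add $num divert natd ip from $client to $dst out via $iface"
    # Inbound: replies from that destination to the gateway's own address
    # go back through natd so it can restore the client's address.
    echo "add $((num + 1)) divert natd ip from $dst to me in via $iface"
}

# Constructed sample: VPN client 10.8.0.6, destination 203.0.113.10.
nat_rules 10.8.0.6 203.0.113.10 xl0
```

Place the printed lines in /etc/ipfw.conf ahead of any allow rule that would match the same packets. Traffic from other clients, and from this client to other destinations, never reaches natd.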

