[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Newbie NAT difficulties

To: "'misc@openbsd.org'" <misc@openbsd.org>
Subject: Re: Newbie NAT difficulties
From: Larry Moore <lmoore@starwon.com.au>
Date: Wed, 15 Aug 2001 08:06:26 +0800
Content-Disposition: inline
References: <D1FE12CF0777D1118A7200A0C9314FE28B139C@dogbert.corp.tconcepts.c om>

Try this in your ipnat.rules file:

	map dc0 10.0.0.0/24 -> 0/32 portmap auto
	map dc0 10.0.0.0/24 -> 0/32

Cheers,

Larry.

--On Tuesday, 14 August 2001 16:00 -0500 "Jake L. Wegman" <jake@ultrex.com> 
wrote:

> Fresh install of OpenBSD 2.9, BASE install.
>
> I've spent the past few years with Linux (Redhat) and now would like to
> learn the virtues of OpenBSD...  My CD's arrived this past week...
>
> So on with the story, fresh install on a Pentium 100, 16MB RAM, two DEC
> NICs (Linksys v2)
>
>> From an internal machine, I am NOT getting the traffic BACK!
>
> (is this a routing issue that I'm over looking?  I'm not the wizard of
> routing...  Even basics...)
>
> I try to open a web page, ipnat -l returns:
>
> 	ipnat -l
> 	List of active MAP/Redirect filters:
> 	map dc0 10.0.0.0/24  -> 209.163.32.120/29  portmap tcp/udp
> 10000:60000
> 	map dc0 10.0.0.0/24  -> 209.163.32.120/29
>
> 	List of active sessions:
> 	MAP 10.0.0.203      1439  <- -> 209.163.32.121  10001 [129.128.5.191
> 80]
>
> I have configured the NIC's AFTER the install of OpenBSD 2.9;
>
> 	dc0	-	External Interface	209.163.32.126/29	<-
> (Fictitoius IP)
> 	dc1	-	LAN Interface, 		10.0.0.240/24
>
> [Setup Per the FAQ]
>
> 	/etc/hostname.dc0
> 		inet 209.163.32.126 255.255.255.248 NONE
> 	/etc/hostname.dc1
> 		inet 10.0.0.240 255.255.255.0 NONE
> 	/etc/mygate
> 		209.163.32.121
> 	/etc/sysctl.conf
> 		net.inet.ip.forwarding=1
> 	/etc/rc.conf
> 		ipfilter=YES
> 		ipnat=YES
> 	/etc/ipf.rules
> 		pass in from any to any
> 		pass out from any to any
> 	/etc/ipnat.rules
> 		map dc0 10.0.0.0/24 -> 209.163.32.126/29 portmap tcp/udp
> 10000:60000
> 		map dc0 10.0.0.0/24 -> 209.163.32.126/29
>
> ipf -V
> 	ipf: IP Filter: v3.4.16 (256)
> 	Kernel: IP Filter: v3.4.16
> 	Running: yes
> 	Log Flags: 0 = none set
> 	Default: pass all, Logging: available
> 	Active list: 0
>
> ipnat -l
> 	List of active MAP/Redirect filters:
> 	map dc0 10.0.0.0/24  -> 209.32.111.120/29  portmap tcp/udp
> 10000:60000
> 	map dc0 10.0.0.0/24  -> 209.32.111.120/29
> 	
> 	List of active sessions:
>
> ifconfig dc0
> dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         media: Ethernet autoselect (10baseT)
>         status: active
>         inet 209.163.32.126 netmask 0xfffffff8 broadcast 209.163.32.127
>         inet6 fe80::2a0:ccff:fee4:4b15%dc0 prefixlen 64 scopeid 0x1
> ifconfig dc1
> dc1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         media: Ethernet autoselect (100baseTX full-duplex)
>         status: active
>         inet 10.0.0.240 netmask 0xffffff00 broadcast 10.0.0.255
>         inet6 fe80::2a0:ccff:fee4:4aff%dc1 prefixlen 64 scopeid 0x2
>
> route -n show
> 	Routing tables
>
> 	Internet:
> 	Destination      Gateway            Flags
> 	default          209.163.32.121     UG
> 	10.0.0.0         link#2             U
> 	10.0.0.170       0:60:8:39:b4:ee    UH
> 	10.0.0.203       0:a0:c9:d6:be:46   UH
> 	127.0.0.0        127.0.0.1          UG
> 	127.0.0.1        127.0.0.1          UH
> 	209.163.32.120   link#1             U
> 	209.163.32.121   link#1             UH
> 	224.0.0.0        127.0.0.1          U
>
> Thanks
> Jake
> jake@ultrex.com

Follow-Ups:
- Re: Newbie NAT difficulties
  - From: Larry Moore <lmoore@starwon.com.au>

References:
- Newbie NAT difficulties
  - From: "Jake L. Wegman" <jake@ultrex.com>

Prev by Date: package info, and cvs vs cvsup
Next by Date: Re: Newbie NAT difficulties
Prev by thread: Newbie NAT difficulties
Next by thread: Re: Newbie NAT difficulties
Index(es):
- Date
- Thread