[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPF IPNAT OpenBSD 2.3 Alpha
At 23:04 07/05/98 -0700, you wrote:
> I have one of those DecAXP33s w/ OpenBSD 2.3 installed on it, I
>heard that IPF and IPNAT are busted in the alpha distrib. What I want is
>OpenBSD as the box that is connected to the InterNet and routing the
>internet to the Linux/OS2/Windows/Dos boxens that inhabit my hovel... You
>know, like Linux's IPMASQ.
> Can what I want be done?
Yes. I've done that at home, where i have 2 i386, one with openbsd22 and
one with win95. I connect to the internet(ppp) with the openbsd box and run
First, your kernel must have the 'option GATEWAY'. Recompile it with that.
Second, ensure that in /etc/rc.conf you have 'ipfilter=YES'.
Now, for a basic configuration, put that in your /etc/ipf.rules
pass in from any to any
pass out from any to any
I'll assume that you have something similar (a private network, like 10/8 or
192.168/16, and 1 ip number in the internet). Although, you can easily change
it for your needs.
This is your /etc/nat.rules
map ppp0 10.0.0.0/24 -> ppp0/32
Change the first 'ppp0' for your interface, and the second 'ppp0' for the ip
number you have. If you have a dynamic ppp connection like mine, it'll work
Remember, of course, to change the 10.0.0.0/24 with your private network
I think that's all i've done. Oh, and after the connection is established,
#ipnat -CF -f /etc/nat.rules
NOTE: Since you mentioned linux's ip masq, this all would be similar to
#ipfwadm -F -p deny
#ipfwadm -F -a m -S 10.0.0.0/24 -D 0.0.0.0/0
I guess this can help. You can find more info at
And, of course, the man pages for ipnat and ipf.