[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NAT'ing & stuff like that

To: Ian Morrison <ian@darq.net>, misc@openbsd.org
Subject: Re: NAT'ing & stuff like that
From: Kjell Wooding <kwooding@codetalker.com>
Date: Wed, 06 Jan 1999 14:24:07 -0700
References: <19981231172834Z82726-18396+2@mmi.oz.net><19981231172834Z82726-18396+2@mmi.oz.net>


>
>
> My /etc/ipnat.rules read:
>
> map xl0 192.168.1.0/24 -> xl1/27 portmap tcp/udp 10000:20000


Here's my ruleset:

map ed3 10.0.0.0/24 -> 209.128.105.254/32 proxy port ftp ftp/tcp
map ed3 10.0.0.0/24 -> 209.128.105.254/32 portmap tcp/udp 10000:20000
map ed3 10.0.0.0/24 -> 209.128.105.254/32

If you omit the last rule, you won't be able to ping, etc, as it is responsible
for mapping ICMP.

You may want to change your destination IP to the IP address of your external
interface (xl1). This would make it a /32 netmask..

You should not have to recompile using the GENERIC kernel.

-kj

References:
- Re: NAT'ing & stuff like that
  - From: Ian Morrison <ian@darq.net>

Prev by Date: IBM PS/ValuePoint problems - update
Next by Date: Re: your mail
Prev by thread: Re: NAT'ing & stuff like that
Next by thread: Re: NAT'ing & stuff like that
Index(es):
- Date
- Thread