netbsd-users: Re: ipnat when box IP is changing

Subject: Re: ipnat when box IP is changing
To: Wojciech Puchar <wojtek@wojtek.3miasto.net>
From: Grant Beattie <grant@grunta.com>
List: netbsd-users
Date: 10/07/2001 10:23:22

On Sun, Oct 07, 2001 at 12:56:06AM +0200, Wojciech Puchar wrote:

> how to define ipnat.conf to masquerade from 192.168.0.0/16 through ppp0
> interface when it's IP is unknown (dial-up connection).
> or it's impossible so i should regenerate ipnat.conf and rerun ipnat after
> connection (ip-up script)

Just to clarify - IPFilter does NAT, not IP Masquerading. Some NAT
implementations can appear to act in a similar way to Masq, but
referring to NAT as "IP Masq" can cause confusion :-)

ipf NAT to a dynamic IP address can be done like so:

	map ppp0 192.168.0.0/16 -> 0/32

You don't need to regenerate ipnat.conf since it doesn't need to
change, but you will need to flush and reload the NAT rules when the
IP address changes:

	# ipnat -CFf /etc/ipnat.conf

(-F flushes the NAT state table also, which may or may not be what you
want depending on your setup)

Hope this helps.

grant.