Subject: Re: LPD and NAT
To: Wojciech Bojdol <wojboj@htcon.pl>
From: David Rogers <drogers@halo7.net>
List: port-mac68k
Date: 02/21/2002 13:11:34 
Here is ipnat.conf

#!/sbin/ipnat -f -
#
# THIS EXAMPLE IS WRITTEN FOR IP FILTER 3.3
#
# ae1 - (external) Ethernet connection to ISP, address a.b.c.d/24
#
# ae0 - (internal) network interface, address w.x.y.z/32
#
# If we have only 1 valid IP address from our ISP, then we do this:
#
# To make ftp work, using the internal ftp proxy, use:
#
map ae1 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp

#
# For normal TCP/UDP and other IP protocols
#
map ae1 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 1025:65000
map ae1 192.168.1.0/24 -> 0.0.0.0/32

And here is the output of ifconfig -a, I censored my external address as
a.b.c.d cuz I've been hacked once already this year. ;)

ae0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:00:94:22:88:30
        media: Ethernet manual
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::200:94ff:fe22:8830%ae0 prefixlen 64 scopeid 0x1
ae1: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:00:94:21:4e:fd
        media: Ethernet manual
        inet a.b.c.d netmask 0xfffff000 broadcast 140.88.79.255
        inet6 fe80::200:94ff:fe21:4efd%ae1 prefixlen 64 scopeid 0x2
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33228
        inet 127.0.0.1 netmask 0xff000000
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
ppp1: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 296
sl1: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 296
tun0: flags=10<POINTOPOINT> mtu 1500
tun1: flags=10<POINTOPOINT> mtu 1500
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif1: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif2: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
gif3: flags=8010<POINTOPOINT,MULTICAST> mtu 1280


Hope this helps.

Dave Rogers
> 
> On Thu, Feb 21, 2002 at 11:49:00AM -0600, David Rogers wrote:
>> I have 2 interfaces in the machine.  And I've tried printing to both the
>> internal and the external interfaces. No luck there.
> 
> Could you show us your ipnat.conf and output of ifconfig -a ?
> 
> --wb
> 
> 
>