On Thu, 10 Oct 2002, Jeff wrote:

> >> Anyone want to point me to a how-to or doc?  Or just tell me?  I'm
> >> pretty
> >> sure it's an easy task, as I was able to do it with one or two
> >> commands
> >> on OS X
> >> and LinuxPPC.
> >
> > I'm not at all sure, but I can't see, why the following shouldn't
> > work. Put this inside your ipnat.rules (the file for ipnat to read).
> >
> > map de0 192.168.0.0/16 -> aa.bb.cc.dd/32 portmap tcp/udp 20000:30000
> > map de0 192.168.0.0/16 -> aa.bb.cc.dd/32
> >
> > Where (obviously) you'd replace 'aa.bb.cc.dd' with you external ip and
> > 'de0' with you nic name (run 'ifconfig -a').
>
> I did something quite similar without success:
>
> ipf.conf had pass in from any to any and pass out from any to any.
>
> ipnat.conf had
>
> map bm0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
> map bm0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
> map bm0 192.168.1.0/24 -> 0/32
>
> I also edited rc.conf to start ipfilter and ipnat.
> And I checked to be sure sysctl had ipfrowarding=1
> I also added an alias to bm0 (ifconfig bm0 192.168.1.1 alias)
>
> With the above setup, I could ping the netbsd box and ping the
> 192.168.x.x box from the NetBSD box.  But the 192.168 box would not go
> out to the net.
>
> I am suspecting it's either a wrong netmask or a wrong device.  I'm
> using pppoe to connect to the internet from the NetBSD box.  The
> results of ifconfig -a show me that
> the alias is there for the bm0.  But it also shows that the ppp0 device
> is the one that is assigned the real IP addy via pppoe.

That's because the ppp0 device is the one that actually sends IP packets
to the rest of the net.

> So I'm stumped.  Am I doing to much?  Remember, I only have one NIC on
> the NetBSD box: bm0

While you might have only one nic, you have multiple network interfaces.
Most importantly, ppp0 is the one that has the link to the outside world.

Change bm0 to ppp0 above, and it should work.

I'm using pppoe on an i386, and my NAT entries are on ppp0 too. :-)

Take care,

Bill