Subject: NAT 1:1 mappings
To: None <email@example.com>
From: Chris Jones <firstname.lastname@example.org>
Date: 04/02/1999 11:26:48
I hope you all don't mind another NAT question -- the last time I read
this list, there were quite a few of those.
I'm trying to get NAT working with a 1:1 mapping of external to
internal IP addresses. I'd like to get it to pass through incoming
connections to the appropriate internal IP.
I've got my NAT machine at 126.96.36.199, and I want to make it
forward packets for 188.8.131.52 from de0 to 10.1.240.181 on de1.
But, of course, if I "ifconfig de0 alias 184.108.40.206", the NAT
machine starts accepting packets for the hidden machine.
If I use a "map" rule in ipnat.conf, it only works for outgoing
connections. Once the connection is established, packets can go in
both directions; but I'd like it to allow incoming connections, too.
I can use "rdr de0 220.127.116.11/32 port 23 -> 10.1.240.181/32 port 23 tcp",
but I have to specify that for each service on the machine. Making
things like NFS work becomes a real pain this way.
In case anybody's wondering why I want to do this silly thing, it's
because management has decided we're going to have a firewall, and the
network people aren't able to give us a subnet to put our machines in.
Thanks in advance for any advice, and please CC: me in any discussion,
since I no longer read this list.
Chris Jones email@example.com
Mad scientist at large firstname.lastname@example.org
"Is this going to be a stand-up programming session, sir, or another bug hunt?"