Subject: IPNAT problems
To: None <tech-net@NetBSD.ORG>
From: Brett HALES <bhales@cmpmail.com>
List: tech-net
Date: 02/24/2001 20:17:06
Hello,
I am currently trying to get a machine to do what Linux did with IP
Masquerade.
Initially I would like Machine A and Machine B to be able to talk to the
Internet via NAT on Machine C.
I am running NetBSD 1.5 and have the below ipf.conf (IPFILTER) and
ipnat.conf (IPNAT) files configured. (They do not work.)
I do not want to at this stage specify a specific port for machine A or
machine B. E.g., if Machine A wanted to talk to 145.23.12.41 on port 6667 then
I want that to happen. I shall tinker with ipfilter later to stop this.
Can anybody help?
Thanks,
Brett
Here is my ipnat.conf file
------------------------------------
map ppp0 192.168.1.0/24 -> 0/32 portmap tcp/udp 1000:60000
map ppp0 192.168.1.0/24 -> 0/32
------------------------------------
Here is my ipf.conf file
------------------------------------
pass out quick on ppp0 from any to any
pass in quick on ppp0 from any to any
------------------------------------
Oh...and here is what worked with Linux/MASQUERADE.
------------------------------------
:input ACCEPT
:forward DENY
:output ACCEPT
-A forward -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i ppp0 -j MASQ
------------------------------------
192.168.1.200/24        192.168.1.201/24
   [Machine A]             [Machine B]
        |                       |
        |_______LAN_____________|
                    |
                    |
                    | [le0 Interface]
                    | 192.168.1.9/24
               [Machine C]
                    | [ppp0 Interface]
                    | x.x.x.x
                    |
                    |
                Internet