Subject: Re: ipnat: Multiple interfaces and routing
To: None <wysoft@extremecode.org>
From: Jonathan A. Kollasch <jakllsch@kollasch.net>
List: tech-net
Date: 11/27/2005 16:41:39

On Sun, Nov 27, 2005 at 01:46:50PM -0800, wysoft@extremecode.org wrote:
> nothing should be getting blocked. Here is my ipnat.conf:
>
> # Compensate for NAT-broken protocols
> map ex0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
> map mc0 192.168.2.0/24 -> 0/32 proxy port ftp ftp/tcp
>
> # Port redirections
> #rdr ex0 0.0.0.0/0 port 6114 -> 192.168.1.106 port 6114 udp
>
> # Essential mappings
> map ex0 192.168.1.0/24 -> 67.168.161.233/32
> map ex0 192.168.1.0/24 -> 67.168.161.233/32 portmap tcp/udp auto
> map mc0 192.168.2.0/24 -> 67.168.161.233/32
> map mc0 192.168.2.0/24 -> 67.168.161.233/32 portmap tcp/udp auto

Try this:

# Compensate for NAT-broken protocols
map ex0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map ex0 192.168.2.0/24 -> 0/32 proxy port ftp ftp/tcp

# Port redirections
#rdr ex0 0.0.0.0/0 port 6114 -> 192.168.1.106 port 6114 udp

# Essential mappings
map ex0 192.168.1.0/24 -> 67.168.161.233/32
map ex0 192.168.1.0/24 -> 67.168.161.233/32 portmap tcp/udp auto
map ex0 192.168.2.0/24 -> 67.168.161.233/32
map ex0 192.168.2.0/24 -> 67.168.161.233/32 portmap tcp/udp auto

	Jonathan Kollasch
