NetBSD-Users archive


Re: [users] Re: [users] NAT in NPF



Hi,



On 20191216 12:32:50 +0300, Vladimir Zakrevskiy wrote:
Thank you!

Your advice to make static IP helped and NAT started working.

However, when I use a dynamic address and the line:

map $ext_if $localnet -> ifaddrs(xennet0)

I get the error:

* /etc/npf.conf:16:32: syntax error near 'ifaddrs'

If I use a variable, $ext_addrs = ifaddrs(xennet0), and use $ext_addrs in
the map line, I get the error:

* /etc/npf.conf:16:0: variable 'ext_addrs' is of type 'table' not
  'family-address-mask'

Try to remove the curly braces from $ext_addr and $int_addr, just to

$ext_addr = inet4(xennet0)
$int_addr = inet4(xennet1)



What am I doing wrong?

30.11.2019 02:08, Luis P. Mendes wrote:
Hi,



On 20191129 21:22:19 +0300, Vladimir Zakrevskiy wrote:
Hello!

I have a strange situation when configuring NAT.

I have installed NetBSD on a Xen domU, enabled IP forwarding and
enabled NPF.

npf.conf:

$ext_if = "xennet0"
$int_if = "xennet1"
$ext_addr = { inet4(xennet0) }
$int_addr = { inet4(xennet1) }
$localnet = { 172.20.76.0/24 }

alg "icmp"

#NAT
map $ext_if $localnet -> $ext_addr

With this config NAT is not working. Packets are received on int_if and
are not transmitted from ext_if.

If I remove "map $ext_if $localnet -> $ext_addr", packets are correctly
transmitted from ext_if.

I've setup an ARM based router and have some difficulties, as well.
My map line is:

map $ext_if dynamic 192.168.1.0/24 -> ifaddrs(ure0)

Be sure if you can treat xennet0 as using a static address.
Otherwise, if it changes, ifaddrs() should come in place of inet4()

Another odd thing (for me) that I've experienced is that
/etc/rc.d/npf_boot required the config file to be /etc/npf.boot.conf
and not /etc/npf.conf.
So, I `cp -l` /etc/npf.conf to /etc/npf.boot.conf.

Hope you can work it out.


Luis


