Subject: Re: IP Nat Syntax
To: Richard Ibbotson <richard@sheflug.co.uk>
From: None <thrashbarg@kaput.homeunix.org>
List: port-i386
Date: 10/10/2004 03:06:01
there's plenty of info in
http://www.netbsd.org/Documentation/network/#simplenat

what you want probably looks something like this:

map rtk1 192.168.1.0/24 -> 10.0.0.0/8 proxy port ftp/tcp
map rtk1 192.168.1.0/24 -> 10.0.0.0/8 portmap tcp/udp 40000:60000
map rtk1 192.168.1.0/24 -> 10.0.0.0/8

There are some examples in /usr/share/examples/ipf too

On Sat, Oct 09, 2004 at 06:22:00PM +0100, Richard Ibbotson wrote:
> Hi
> 
> Think I'm stuck on a simple ipnat syntax problem.
> 
> ADSL arrived last week which means that I can now move away from ISDN 
> and start to download any operating systems that I want to try out.  
> The layout of my network is something like this...
> 
>             PC
>              |
>              |
> PC ----- hub-----  BSD firewall ----------  router with -----> net 
>               |                                         Conexant    
>               |                                         chipset
>              PC 
> 
> the internal network is 192.168.1.0/24.  There are two network cards 
> in the BSD box.  These are rtk0 and rtk1.  rtk0 is 192.168.1.1 and 
> rtk1 is 10.0.0.1.   The router is 10.0.0.2.
> 
> So, I'm asking the BSD box to translate across 192.168.x.x to 10.0.0.x 
> to the router and out to the net.  The syntax I've tried are ..
> 
> map rtk0 -> rtk1      also,
> map 192.168.1.0/24
> 
> Neither of these work.  I know the syntax for a working ipnat.conf is 
> simple.  Can't quite work it out.  Help would be much appreciated.  
> I've had a good look at ipf.conf and found the obvious problem where 
> I didn't allow traffic for the ADSL DHCP servers.  Fixed that but 
> can't spot any other problems with ipf.conf
> 
> Regards
> 
> 
> -- 
> Richard