Subject: IPNAT problems
To: None <tech-net@NetBSD.ORG>
From: Brett HALES <>
List: tech-net
Date: 02/24/2001 20:17:06

I am currently trying to get a machine to do what Linux did with IP

Initially I would like Machine A and Machine B to be able to talk to the
Internet via NAT on Machine C.

I am running NetBSD 1.5 and have the below ipf.conf (IPFILTER) and
ipnat.conf (IPNAT) files configured. (That do not work)

I do not want to at this stage specify a specific port for machine A or
machine B. E.g. if Machine A wanted to talk to on port 6667 then
I want that to happen. I shall tinker with ipfilter later to stop this.

Can anybody help?



Here is my ipnat.conf file


map ppp0 -> 0/32 portmap tcp/udp 1000:60000
map ppp0 -> 0/32


Here is my ipf.conf file


pass out quick on ppp0 from any to any
pass in quick on ppp0 from any to any


Oh...and here is what worked with Linux/MASQUERADE.


:input ACCEPT
:forward DENY
:output ACCEPT
-A forward -s -d -i ppp0 -j MASQ

[Machine A]			[Machine B]
	|				|
			| [le0 Interface]
		[Machine C]

			| [ppp0 Interface]
			|  x.x.x.x