NAT and Routing
Brian Somers
brian at Awfulhak.org
Sat Nov 9 02:44:21 GMT 2002
On Fri, 8 Nov 2002 23:41:27 -0000, Edmund Craske wrote:
> To save beating around the bush:
> How do you set up NAT to only translate packets that come through the
> LAN interface, rather than packets that go out the external interface?
> Ie, a machine with 3 network cards, one connected to the outside world,
> one connected to a DMZ (local machines with public routable IPs), and
> one connected to a LAN with internal IPs that need NATing. (Stop it from
> NATing DMZ traffic as well?)
Try using natd with ipfw rules something like:
ipfw add 50 divert natd ip from 10.0.0.0/8 to any out via if0
ipfw add 51 divert natd ip from any to 1.2.3.4 in via if0
where 10.0.0.0/8 is your private network, if0 is your external interface
and 1.2.3.4 is your external interfaces IP number.
> Thanks,
> Edmund Craske
--
Brian <brian at Awfulhak.org> <brian.somers at sun.com>
<http://www.Awfulhak.org> <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
More information about the Ukfreebsd
mailing list