Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!paladin.american.edu!zombie.ncsc.mil!news.mathworks.com!newsfeed.internetmci.com!in2.uu.net!news.artisoft.com!usenet
From: Terry Lambert <terry@lambert.org>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: NAT / IP Masquerading
Date: Wed, 14 Aug 1996 18:24:39 -0700
Organization: Me
Lines: 26
Message-ID: <32127C57.7B4D268B@lambert.org>
References: <320F7133.41A5@ase.telerate.com>
NNTP-Posting-Host: hecate.artisoft.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 2.01 (X11; I; Linux 1.1.76 i486)
Jim King wrote:
]
] I have an application where I'm thinking of using a FreeBSD box
] as a router to do NAT. This is very straightforward, I just
] want to do a one-to-one mapping between one class C to another
] - e.g. 1.2.3.4 maps to 5.6.7.8 and vice versa.
]
] Has anyone implemented this type of NAT in ipfw? (This seems like a
] natural.)
]
] I've tried running IP Filter on FreeBSD 2.1.5-RELEASE. It sometimes
] works, but today I'm getting a kernel panic every time I try to ping
] something through that box. Does IP Filter work better on 2.1.0?
I don't know why you are crashing... the current IPfilter code
implements NAT, supposedly to the level of the Linux "masquerading".
I believe that ICMP datagrams would not normally beforwarded by
any type of "masquerading"... you would need real proxy services
(seee RFC-1919 where it talks about "...Transparent IP Proxies...").
Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.