|I'm using ipfilter and I
recommend it as a great packet filter tool for creating a firewall. Included with
this product is ipnat, which does the NAT for ipfilter. Here's how
I invoke ipnat:
ipnat -f /etc/ipnat.conf
I am also using DHCP. In such circumstances, you can substitute 0.0.0.0/32
for the otherwise unknown IP address. ipfilter will determine the address
at run time. Although this example is for dynamic IP addressees, I'm not sure, but I
strongly suspect that this will work for static addresses as well. Here are the
contents of /etc/ipnat.conf:
map ed0 192.168.0.0/16 -> 0.0.0.0/32 portmap tcp/udp 40000:65000
map ed0 192.168.0.0/16 -> 0.0.0.0/32
ed0 is the network which leads to the outside world. 192.168.0.0/16
represents the inside network. If you are setting up a home network, I suggest you
use 192.168.0.* for your subnet. In this case, the above examples will work for you.
If they don't, then please add your comments.
Put these rules before any redirects (i.e. rdr).