The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Ipnat and one to one mapping
Author: Marco Raposo 
Date:   11-08-00 19:02

i'm using FreeBSD as a gateway for my network
and i'm using ipfilter and ipnat. All the local network is translated to a single IP.
until now everything works fine.

___________________________________ WAN
| x.x.x.84 / 32
| / 24
__|_______________________________> LAN
| |
|____| / 32

"Services Machine"

the problem starts when i try to execute a one to one mapping. I want my internal machine referenced as "Services machine" to receive packets target to IP x.x.x.86
I've setted the natrules as follows, where rl0 is my "external" interface.

________________ NATRULES __________________

map rl0 ->
bimap rl0 ->

from the inside, everything works fine, the workstation has no problem in reaching the "outside world"

here is "ipnat -l" output

______________ IP nat output __________________

List of active MAP/Redirect filters:
map rl0 ->
bimap rl0 ->

List of active sessions:
BIMAP 4354 <- -> 4354 [ 80]
BIMAP 4351 <- -> 4351 [ 80]
MAP 1536 <- -> 1536 [ 5190]
MAP 1553 <- -> 1553 [ 21]

As we can see, the reserved IP is being translated to the external IP,
but from the outside, the system acts as if it were not execution the translation.
When i try to ping or telnet the external IP for that external machine, i get no response.

Any ideas? theoretically the packages for IP should be delivered by IP Filter, right?

btw, IP filtering rules are:
pass in all
pass out all

Reply To This Message
 RE: Ipnat and one to one mapping
Author: Stu 
Date:   12-08-00 11:42

I had the same problem my self recently - you must asign x.x.x.86 IP to your "external" NIC of your gateway - as a secondary IP.
Your natrules are spot on with bimap.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum