The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

As an Amazon Associate I earn from qualifying purchases.
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 NATD and IPFW too
Author: Andy 
Date:   01-09-00 16:03

first of all, here is the configuration of my network
we have 13 ip's...
our server has 2 interfaces these are xl0 and xl1
xl0 has private ip:
xl1 has global fix ip:

---[cable modem]-----(xl1,,202,[fbsd]-(xl0,[hub]------[our private net]

i meant to forward any incoming connection from (alias ip) to another server which is in the private net. let's say

these are my ipfw configurations:
00040 fwd log ip from any to
00050 fwd,7666 tcp from to any 6600-7000
00050 fwd,3128 tcp from to any 80
00100 divert 8668 ip from any to any via xl1
00100 allow ip from any to any via lo0
00200 deny ip from any to
65000 allow ip from any to any
65535 deny ip from any to any

our kernel configurations:
options IPSTEALTH #support for stealth forwarding
options IPFILTER #ipfilter support
options IPFILTER_LOG #ipfilter logging
options IPDIVERT

and the natd daemon which is running:
88 ?? Ss 0:02.26 /sbin/natd -n xl1

i bring the up by this command:

ifconfig xl1 alias netmask
ifconfig lo0 alias netmask

when i tried to ping to none of them replied

i can't make any connection to this ip.

can u help us?


Reply To This Message
 RE: NATD and IPFW too
Author: Dan Langille 
Date:   01-09-00 22:41

> ifconfig xl1 alias netmask
> ifconfig lo0 alias netmask

I'm not sure about the alias on lo0. Try removing that first. Giving two interfaces the same IP may be confusing it.

>options IPFILTER #ipfilter support
>options IPFILTER_LOG #ipfilter logging

If you are using ipfw and not ipfilter, you can remove the above options.

> 00040 fwd log ip from any to

I don't use natd/ipfw (I use ipnat/ipfilter) but I think the above IPs should be swapped. Check the fwd command for details.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum