Re: Newbie : NAT Probleme: 2 public Interface, 1 privat NAT Interface

From: Nicolas Rachinsky <list(at)rachinsky.de>
Date: Thu, 5 Sep 2002 09:33:28 +0200



* Stefan Mallepell <steve(at)syso.ch> [2002-09-04 23:40 +0200]:


> ifconfig_fxp0="inet 195.1.1.22   netmask 255.255.255.0"


> ifconfig_fxp1="inet 195.1.2.193 netmask 255.255.255.248"


> ifconfig_fxp2="inet 192.168.1.1    netmask 255.255.255.0"


> 


> # Routing Settings


> defaultrouter="195.1.1.1"


> gateway_enable="YES"


> 


> # Netzwerk Dienste


> inetd_enable="NO"


> nfs_server_enable="NO"


> sendmail_enable="NO"


> sshd_enable="YES"


> 


> # Firewall Settings


> firewall_enable="YES"


> firewall_script="/etc/firewall/fwrules"


> natd_enable="YES"


> natd_interface="fxp2"


> natd_flags="-v -a 195.1.1.22"


> 


> # Security


> kern_securelevel="2"


> kern_securelevel_enable="YES"


> 


> #Regional Settings


> keymap="swissgerman.iso"


> 


> 


> Firewall rules


> --------------


> #!/bin/sh


> 


> # Define the Firewall command


> fwcmd="/sbin/ipfw"


> 


> #### Force a flushing of the current rules before we load our own rules


> $fwcmd -f flush


> 


> #### NAT auf FXP2 definieren


> $fwcmd add 50 divert natd all from any to any via fxp2



Aus "man natd": "it usually runs on the external interface", fxp2 ist


aber bei Dir wohl das interne. Vermutlich musst Du bei natd_interface


und der Firewall Rule fxp0 eintragen, oder stattdessen natd mit "-reverse"


starten.



hth


Nicolas



To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org


with "unsubscribe de-bsd-questions" in the body of the message


Received on Thu 05 Sep 2002 - 09:33:33 CEST













search this site