ipfw3
bycn82
bycn82 at gmail.com
Sun Jun 21 16:47:29 PDT 2015
hi,
sorry for lacking of documentation.
below are sample steps to use in-kernel NAT with ipfw3.
Step1: make sure the ipfw3_nat module was loaded
dev03#kldstat | grep ipfw3_nat
5 1 0xffffffff83242000 3000 ipfw3_nat.ko
if the modules was not loaded, then below command to load the kernel module
dev03#kldload ipfw3_nat
Step2: prepare NAT config
dev03#ipfw3 nat 1 config if em0
ipfw nat 1 config if em0
which means it will do MASQUERADE using interface em0.
Step3: NAT the traffic.
NAT is just ip translate. so both direction should go through the same NAT
config.
dev03#ipfw3 add nat 1 tcp via em0
this means both in and out traffic on interface em0 will be filtered/
translated by NAT config id 1.
hope this helps, please try it and if you have any question, just let me
know,
and if you can help to come up with an tutorial by rephrasing this and
append with your experience, that would be very helpful.
http://www.dragonflybsd.org/docs/ipfw2/ is an wiki, there is a "edit page"
link.
regards,
bycn82
On 22 June 2015 at 02:31, <nans_nans1 at yahoo.de> wrote:
> Can someone give me detailed/complete instructions how to realize simple
> working nat with ipfw3 (including rc.conf and configuration files).
>
> The informations on these sites turns out to be sadly sparse for me:
> https://www.dragonflybsd.org/docs/ipfw2/
> http://www.dragonflybsd.org/docs/ipfw2/modules/
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20150622/1c304a2e/attachment-0003.htm>
More information about the Users
mailing list