LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 12-28-2003, 02:44 AM   #1
IMNOboist
Member
 
Registered: Nov 2003
Location: Seattle
Distribution: OpenBSD, Ubuntu
Posts: 60

Rep: Reputation: 16
Help with IPNAT setup on OpenBSD 3.4


I'm trying to set up a firewall with OpenBSD 3.4 and can't even get the NAT part to work. I've taken the following steps:

Removing the comment line of the following line of /etc/sysctl.conf -

net.inet.ip.forwarding=1# 1=Permit forwarding (routing) of packets

Added the following lines to /etc/rc.conf -

ipfilter=YES
ipnat=YES
# for "YES" ipfilter must also be "YES"
ipfilter_rules=/etc/ipf.rules
# Rules for IP packet filtering
ipnat_rules=/etc/ipnat.rules
# Rules for Network Address Translation

I've taken many looks at the files to make sure they're all named right and in the right place. My network configuration is as such -

rl0: IP - 209.166.74.17 SubMask - 255.255.255.0
dc0: IP - 192.168.1.1 SubMask - 255.255.255.0

Now, I have the following line in my /etc/ipnat.rules file -

map dc0 192.168.1.0/32 -> rl0/32 portmap tcp/udp 10000:20000

I think that's where I'm having the problem. Can someone help me with the syntax of that line? I've tried everything! Thanks!
 
Old 12-28-2003, 09:51 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
You must be reading really old documentation. Everything has been rolled into "pf" now. There is only one configuration file (it looks like you're reading a how-to that is very old and describes the setup before NAT and packet filtering were combine).

use this link instead

If you want to just NAT all inside IPs to your outside IP, then you want something like

nat on rl0 from 192.168.1.0/24 to any -> (rl0)

I should point out that you only use the (interface) notation if that interface's IP is dynamic. If you have a static external IP, then just use rl0 without the parenthesis.

Last edited by chort; 12-28-2003 at 09:54 PM.
 
Old 12-29-2003, 04:47 PM   #3
IMNOboist
Member
 
Registered: Nov 2003
Location: Seattle
Distribution: OpenBSD, Ubuntu
Posts: 60

Original Poster
Rep: Reputation: 16
Thumbs up Thanks!

I guess it was old, because the PF works great! Thanks for the help!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ipf/ipnat emule freebsd = the 1st flying computer sk8o *BSD 3 04-13-2008 06:20 PM
[OpenBSD 3.7] Wifi setup noir911 *BSD 2 08-16-2005 07:40 PM
OpenBSD 3.6 X setup for users?? halo14 *BSD 6 11-17-2004 04:18 PM
bandwidth limiting with ipnat musaleem Linux - Networking 0 04-14-2004 05:11 AM
netbsd ipnat trouble Laplace *BSD 1 11-02-2003 05:24 PM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 04:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration