[afnog] Routing with NAT again
Antonio Godinho
antonio at uem.mz
Tue Aug 15 16:33:19 SAST 2006
Hi All,
I had already sent the below scenario before, and I had thought that I
solved the problem but now things don't work anymore. I had added the
following lines to ipfw in order to get around the problem:
ipfw add 30 skipto 300 all from 196.3.B.0/24 to any
where 30 is a line number that comes before the divert for natd and 300 is a
line number for a rule later on in the rule set. It was working at first
when I introduced the line but after rebooting the machine it stopped
working although I added the rule to the rc.firewall and it even appears
when you view the list of active rules (ipfw list). Why did it work before
and not anymore???
I have this scenario between three networks at the University:
                                       |-----|
rl0 (196.3.B.0/24 real IP addresses)---| NAT |----fxp1 (196.3.A.0/24)
                                       |     |    Connected to Internet
vr0 (192.168.254.0/24)-----------------|     |
                                       |-----|
The fxp1 is the interface connected to internet and the NAT box is doing NAT
for the private network 192.168.254.0. Now I have added the network
196.3.B.0/24 to the box at interface rl0. Everything seems to work fine,
people from the Internet can connect to servers on the new network 196.3.B.0, but
the only problem is that when the servers on this network connect to
other mail servers outside, they appear as coming from the IP of the fxp1
interface. How can I make the NAT box only NAT the private address and not
the others? I am running ipfw on the NAT box.
Cheers,
--
Antonio Godinho
B.Sc.
CIUEM
Maputo
Mozambique
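
Added example, not part of the original message: a small Python model of ipfw's numbered-rule search. It shows which outbound packets reach the natd divert rule with the skipto rule from the post, with the divert numbered below that skipto, and with a divert limited to the private source. The 198.51.100.0/24 range stands in for the elided 196.3.B.0/24; rule number 50, natd port 8668 and the final allow rule are assumptions.

```python
import ipaddress

# Constructed stand-ins: the post elides the third octet of 196.3.B.0/24, so a
# documentation range is used for it. Rule 50 and rule 300's action are assumed.
PUBLIC_LAN = "198.51.100.0/24"    # stands in for 196.3.B.0/24 on rl0
PRIVATE_LAN = "192.168.254.0/24"  # private network on vr0 (from the post)

# (number, action, argument, source network or None for "any", out interface)
SKIPTO = [(30, "skipto", 300, PUBLIC_LAN, None),
          (50, "divert", 8668, None, "fxp1"),
          (300, "allow", None, None, None)]
# Same rules, but with the divert numbered below the skipto.
DIVERT_FIRST = [(20, "divert", 8668, None, "fxp1")] + [SKIPTO[0], SKIPTO[2]]
# Alternative: no skipto, the divert itself matches only the private source.
# (A real rule set also needs an inbound divert for replies; not modelled.)
SCOPED = [(50, "divert", 8668, PRIVATE_LAN, "fxp1"),
          (300, "allow", None, None, None)]


def walk(rules, src, out_if="fxp1"):
    """Return [(rule number, action), ...] matched by one outbound packet."""
    rules = sorted(rules, key=lambda r: r[0])
    addr = ipaddress.ip_address(src)
    trace, i = [], 0
    while i < len(rules):
        num, action, arg, net, via = rules[i]
        hit = ((net is None or addr in ipaddress.ip_network(net))
               and (via is None or via == out_if))
        if hit:
            trace.append((num, action))
            if action == "skipto":
                # Jump to the first rule numbered >= the target.
                i = next((k for k, r in enumerate(rules) if r[0] >= arg), len(rules))
                continue
            if action != "divert":
                break  # allow/deny ends the search
            # divert: natd re-injects and the search resumes at the next rule
            # (the source rewrite done by natd is not modelled here).
        i += 1
    return trace


def is_natted(rules, src):
    """True if the outbound packet from src is handed to the divert rule."""
    return any(action == "divert" for _, action in walk(rules, src))


if __name__ == "__main__":
    for name, rs in (("skipto", SKIPTO), ("divert first", DIVERT_FIRST), ("scoped", SCOPED)):
        print(name, {s: is_natted(rs, s) for s in ("198.51.100.25", "192.168.254.10")})
```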