The FreeBSD Diary |
|
(TM) | Providing practical examples since 1998If you buy from Amazon USA, please support us by using this link. |
|
Adding ipnat to FreeBSD 3.*
16 May 1999
|
|
See also IP Filter - an alternative firewall and
NAT to ipfw/natd. If you are planning on doing Network Address Translation (NAT) or IP Masquerade (the Linux term for it), then under FreeBSD 3.*, you can easily use ipnat. This is a great little tool provided by Darren Reed as part of his amazing packet filter ipfilter (the home page is http://coombs.anu.edu.au/~avalon/). The following message indicates that your your kernel is not configured for ipfilter and you will need to perform the steps outlined in the following sections of this article: # ipnat -f /etc/ipnat.conf /dev/ipnat: open: Device not configured |
|
What is ipnat used for?
|
| In simple, terms, NAT is the translation of internal addresses to external addresses.
This is commonly done on a gateway machine such as a dial-up box at home where you
have more than one computer. This allows all of your boxes to share a single
connection to your ISP. You may be familiar with WinGate
which does a similar function. One of the best how-to guides for ipfilter (ipnat) is at: |
|
Enabling ipnat
|
| The following instructions apply only if you are only ipnat and *not* adding IP
Filter. The IP Filter installation process will do the following steps
for you. To enable ipnat, you need to add some configuration options to your kernel configuration file and then compile a new kernel. This is pretty easy. Then you will need to follow the Handbook instructions Building and Installing a Custom Kernel. The line you need to add for ipnat is: options IPFILTER #kernel ipfilter support Then compile your kernel and install it as per the handbook instructions |
|
Configuring ipnat
|
| I've already written about ipnat in another article. Please refer to NAT rules for IP Filter for how I configured ipnat. |