Created
April 15, 2015 18:02
-
-
Save kanazux/e1ce0b44621cb9c261ab to your computer and use it in GitHub Desktop.
Configure NAT with IPFW and NATD on FreeBSD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
interface re0 | |
dynamic yes | |
use_sockets yes | |
same_ports yes | |
unregistered_only yes |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Enable IPFW | |
gateway_enable="YES" | |
firewall_enable="YES" | |
firewall_type="open" | |
firewall_script="/etc/rc.ipfw" | |
# Enable NATD | |
natd_enable="YES" | |
natd_flags="-f /etc/natd.conf" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
/sbin/ipfw -f flush | |
/sbin/ipfw -q add 0001 nat 1 gre from any to any | |
/sbin/ipfw -q add 0030 check-state | |
/sbin/ipfw -q add 5000 pass all from any to any | |
/sbin/ipfw -q add 5100 allow ip from any to any | |
/sbin/ipfw -q add 0015 divert natd ip from any to any in via re0 | |
/sbin/ipfw -q add 0020 divert natd ip from any to any out via re0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment