From owner-FreeBSD-users-jp@jp.FreeBSD.org Fri Apr 20 16:48:53 2007
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id l3K7mrT85340;
	Fri, 20 Apr 2007 16:48:53 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from hungup.hq.vcube.co.jp (j076077.ppp.asahi-net.or.jp [61.213.76.77])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id l3K7moM85334
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Fri, 20 Apr 2007 16:48:51 +0900 (JST)
	(envelope-from mitz@vcube.co.jp)
Received: from hungup.hq.vcube.co.jp (localhost.vcube.co.jp [127.0.0.1])
	by hungup.hq.vcube.co.jp (8.13.6/8.13.6) with ESMTP id l3K7miph014350
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Fri, 20 Apr 2007 16:48:44 +0900 (JST)
	(envelope-from mitz@hungup.hq.vcube.co.jp)
Received: (from mitz@localhost)
	by hungup.hq.vcube.co.jp (8.13.6/8.13.6/Submit) id l3K7mgG6014349;
	Fri, 20 Apr 2007 16:48:42 +0900 (JST)
	(envelope-from mitz)
From: Mitzyuki IMAIZUMI <mitzyuki@vcube.co.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
X-Mailer: mnews [version 1.22PL6] 2002-07/03(Wed)
Message-ID: <070420164842.M0114153@hungup.vcube.co.jp>
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Fri, 20 Apr 2007 16:48:42 +0900
X-Sequence: FreeBSD-users-jp 90581
Subject: [FreeBSD-users-jp 90581] =?ISO-2022-JP?B?GyRCQEVFKhsoQg==?= nat
 	=?ISO-2022-JP?B?GyRCJEdETD8uJEckLSRKJCQbKEI=?= 
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: mitzyuki@vcube.co.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

$B:#@t$G$9!#(B

FreeBSD 6.2-RELEASE $B$G(B nat router $B$r9=C[$7$F$$$^$9!#(B
$B0J2<$N9=@.$G(B FreeBSD route $B$K$O(B ipfw $B$H(B natd $B$r;HMQ$7$F$*$j!"(B
$B$^$:$O;n83@\B3$H;W$$(B ipfw $B$O(B divert $B0J30$O40A4$KAGDL$7$N@_Dj$G$9!#(B

      +----------+
      |          |
      +-----+----+
            |  192.168.1.1/24
            |
            |
            |  192.168.1.254/24
        bge0|  192.168.1.253/24(alias)
      +-----+----+
      |          |   FreeBSD router
      +-----+----+
        bge1|  192.168.100.254/24
            |
            |
            |  192.168.100.1/24
      +-----+----+
      |          |
      +----------+

# ipfw -f flush
# ipfw add  50 divert natd all from any to any via bge0
# ipfw add 100 allow all from any to any

natd $B$OF0E*!"5Z$S@EE*(B nat $B$r0J2<$NMM$K@_Dj$7$F$$$^$9!#(B
# natd -i interface bge0 -f /usr/local/etc/natd.conf
# cat /usr/local/etc/natd.conf
deny_incoming           no
use_sockets             yes
same_ports              yes
dynamic                 yes
log                     no
verbose                 no
log_denied              yes
log_facility            security
redirect_address 192.169.100.1 192.168.1.253

$B$3$NMM$J4D6-$G(B 192.168.100.1 $B$N%/%i%$%"%s%H$+$i$O(B nat $B7PM3$G(B
192.168.1.1 $B$N%^%7%s$K@\B3$9$k$3$H$,$G$-$k$N$G$9$,!"(B
192.168.1.1 $B$+$i(B 192.168.1.253 $B$N@EE*(B nat $B$r7PM3$7$?(B
192.168.100.1 $B$H$NDL?.$,$G$-$^$;$s!#(B
tcpdump -i bge0 $B$GD4$Y$?=j(B 192.168.1.1 $B$+$i(B 192.168.1.253 $B$K(B ping $B$rBG$D$H!"(B
192.168.1.254 $B$+$i(B 192.168.100.1 $B$X$N(B icmp request $B$OAw?.$5$l$F$$$k$N$G$9$,!"(B
tcpdump -i bge1 $B$GD4$Y$k$H(B icmp request $B$,E~C#$7$F$$$J$$MM$G$9!#(B

$B2?$+B-$j$J$$@_Dj$d$*$+$7$$@_Dj$,$"$l$P$465<(2<$5$$!#(B
$B$h$m$7$/$*4j$$$7$^$9!#(B

-- 
 Mitzyuki IMAIZUMI <mitzyuki@vcube.co.jp>
