RE: Question abt NATD

From: Tariq Rashid (tariq@inty.net)
Date: 02/26/02 

From: "Tariq Rashid" <tariq@inty.net>
To: "Ilya V. Serov" <serov@telecom.lek.ru>, <freebsd-security@FreeBSD.org>
Date: Tue, 26 Feb 2002 10:42:26 -0000

 natd does not use the kernel for NAT - it is a user land process and uses
libalias.
        you may wish to alter libalias to provide yourself with an "view" to its
mappings

 i'd recommend using ipnat which is in-kernel.
        use ipnat -l to list the rules and the currently mapped sessions
        (see man ipnat for deatils)

tariq

-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Ilya V. Serov
Sent: 26 February 2002 10:25
To: freebsd-security@FreeBSD.org
Subject: Question abt NATD

        How do You do, guies.

   Sorry in advance, if somebody will consider my question stupid.

   I have a FreeBSD 4.4-RELEASE box with natd configured to perfom ip
maquarading. It is extreemly necessary to be able to view the NAT
translation table. For I guess this info is stored somewhere to let
the kernel know how to translate addresses, so I think it is possible to
read this info from there. Have anyone done this "manulay", or maybe a
standart routine is present to help to do this? I have studied many
documentation sources, but found no hint on the topic.
   Can anyone help me?

                                Sorry for such a long letter and for
                                                        my poor english ;-))

                                Thanks in advance. Ilya V. Serov
                                        LEK TELECOM Co, St-Petersburg, Russia.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

intY has automatically scanned this email with Sophos Anti-Virus
(www.inty.com)

intY has automatically scanned this email with Sophos Anti-Virus (www.inty.com)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: natd question
    ... > dont forget to set the gateway IP address of your network clients to ... > the IP address of your FreeBSD nat server. ... > have enabled natd on the machine, but still cannot get packets out ... > To unsubscribe, send any mail to ...
    (freebsd-questions)
  • RE: Difficulties establishing VPN tunnel with IPNAT
    ... Perhaps, but I'v heard a lot of good things about IPF and IPNAT, ... especially since the nat is all in kernel where as natd is userland, ... natd is always criticized because going to userland is slow. ... ipfw add divert natd ip from any to in recv [outside ...
    (freebsd-questions)
  • Re: [Going nuts] Cant share the connection to the Internet
    ... Have you configured and re-compiled your FreeBSD kernel to support NAT? ... Kernel configuration is covered in chapter 8 of the FreeBSD Handbook ...
    (comp.unix.bsd.freebsd.misc)
  • Re: [Going nuts] Cant share the connection to the Internet
    ... > Have you configured and re-compiled your FreeBSD kernel to support NAT? ... What you are trying to do is have your LAN on the NAT network ...
    (comp.unix.bsd.freebsd.misc)
  • Re: ipnat memory leak?
    ... It also avoids at least 2 context switches per packet... ... goes into natd and one when it goes back to the kernel. ... > natd chokes on the latest windoze worms and I have implemented some DoS ... Not to mention the syntax for doing things like stateful firewalling is much ...
    (freebsd-current)