*BSD News Article 63719

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!newshost.telstra.net!asstdc.scgt.oz.au!metro!metro!munnari.OZ.AU!news.hawaii.edu!ames!purdue!lerc.nasa.gov!magnus.acs.ohio-state.edu!math.ohio-state.edu!howland.reston.ans.net!newsfeed.internetmci.com!in2.uu.net!psinntp!psinntp!psinntp!interramp.com!ip6.san-francisco3.ca.interramp.com!user
From: dcmyers@access.digex.net (David C. Myers)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: IP routing with masquerading
Date: Wed, 13 Mar 1996 11:50:54 -0800
Organization: PSI Public Usenet Link
Lines: 51
Message-ID: <dcmyers-1303961150540001@ip6.san-francisco3.ca.interramp.com>
NNTP-Posting-Host: ip6.san-francisco3.ca.interramp.com
X-Newsreader: Yet Another NewsWatcher 2.0.6b4



I'm looking to use my FreeBSD system as an IP router for my small
local-area network.  But I only have one dynamically-assigned IP
address for two machines, so FreeBSD needs to perform IP 
masquerading.  Here's a diagram:
 

 
                              Internet

                                 |
                                 | PPP
                                 |
  +-------------+        +--------------------------+    
  |             |        |                          |
  |     Mac     |        |  FreeBSD                 |
  |  10.0.0.2   |        |  10.0.0.1 on LAN         |
  |             |        |  dynamic IP to Internet  |
  |             |        |                          |
  +-------------+        +--------------------------+
         |                       |
         +-----------------------+
                  Ethernet
                  
                  

I'd like to make it look like packets generated by the Mac were
actually generated by FreeBSD itself.  This way, my one IP address
will stand in for two machines.  Likewise, FreeBSD should
recognize incoming packets destined for the Mac, and route them
appropriately over the local network.

Is there any way I can set up the FreeBSD firewall utility to perform
this kind of routing?  What are the sequence of steps I'd need to
perform?  And are there any kernel configuration items I'd need to 
enable?  

I'd really rather not try to set up proxy servers, as not many Mac
programs are designed to work with them.  I know the Linux firewall
utility has a masquerade option built-in...

Thanks for any help.

-David.

________________________________________________________________________

David C. Myers                                  dcmyers@access.digex.net

________________________________________________________________________