Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.ysu.edu!news.cps.udayton.edu!news.conterra.com!newsfeed.internetmci.com!newsfeed.internetmci.com!in2.uu.net!brighton.openmarket.com!decwrl!usenet.cisco.com!iverson From: iverson@cisco.com (Tim Iverson) Newsgroups: comp.unix.bsd.freebsd.misc Subject: NAT (was Re: IP Masquerading in user PPP?) Date: 11 Jul 1996 00:58:34 GMT Organization: cisco Lines: 31 Message-ID: <4s1jjq$52e@cronkite.cisco.com> References: <Pine.BSF.3.91.960708224558.170A-100000@darkstar> NNTP-Posting-Host: rottweiler.cisco.com In article <Pine.BSF.3.91.960708224558.170A-100000@darkstar>, Charles Mott <cmott@srv.net> wrote: |was IP masquerading, where machines on a "private" ethernet (e.g. |192.168.0.x addresses) could make connections with the outside world |via port renaming. This is called NAT -- Network Address Translation. It is not only possible, it has already been done. Go get the source for ipfilter (sorry, forgot where, try AltaVista to find it). Ipfilter is a mostly firewall tool; it runs just fine on FreeBSD, but the NAT code does need a little work to handle the case where you want to map to just one public IP address. |advice from experienced programmers on how to do this. I am looking for a |small to medium sized software project to teach myself about network NAT done right is a very big project, mostly due to difficulties with UDP and protocols that have embedded IP addresses in the payload. NAT is also a controversial subject; many find it to be a distasteful hack in principal alone. I like it 'cuz it saves me money -- my ISP bills lots more for routing multiple IP addresses. ;-) I would suggest fixing up the NAT that is already in IP filter. You'll learn about IP and you won't have to do everything from scratch. And, the code will be useful on platforms other than FreeBSD. IMHO, NAT belongs in the IP code, not in the PPP code. - Tim Iverson iverson@lionheart.com