Network: Network Address Translation (natd)(last edit: 2000-11-22)
The following steps are necessary before attempting to run natd:
1. Get FreeBSD version 2.2 or higher. Versions before this do not sup
port divert(4) sockets.
2. Build a custom kernel with the following options:
Refer to the handbook for detailed instructions on building a custom
3. Ensure that your machine is acting as a gateway. This can be done
by specifying the line
in /etc/rc.conf, or using the command
sysctl -w net.inet.ip.forwarding=1
4. If you wish to use the -n or -interface flags, make sure that your
interface is already configured. If, for example, you wish to spec
ify tun0 as your interface, and you're using ppp(8) on that inter
face, you must make sure that you start ppp prior to starting natd.
5. Create an entry in /etc/services:
natd 8668/divert # Network Address Translation socket
This gives a default for the -p or -port flag.
Running natd is fairly straight forward. The line
natd -interface ed0
should suffice in most cases (substituting the correct interface name).
Once natd is running, you must ensure that traffic is diverted to natd:
6. Enable your firewall by setting
in /etc/rc.conf. This tells the system startup scripts to run the
/etc/rc.firewall script. If you don't wish to reboot now, just run
this by hand from the console. NEVER run this from a virtual ses
sion unless you put it into the background. If you do, you'll lock
yourself out after the flush takes place, and execution of
/etc/rc.firewall will stop at this point - blocking all accesses
permanently. Running the script in the background should be enough
to prevent this
This is wat I've put in my kernel:
And in my rc.local:
Set gateway to private space ip address of FreeBSD machine.
Fill in DNS servers, perferrable the DNS servers of your ISP.
Set your browser/mail client to use the LAN instead of Dail-Up
And that's all I had to do to make it work
Click here to go back to the index.