[CUWiN] nat bogosity (was: circular route)
simon-cuw at uc.org
simon-cuw at uc.org
Wed Feb 1 21:51:11 CST 2006
Thanks Dave! Are there nightly images being built somewhere, or will I
need to build it from source?
On Sun, 29 Jan 2006, David Young wrote:
> On Fri, Jan 20, 2006 at 03:28:06PM -0500, simon-cuw at uc.org wrote:
> > ipnat.conf's manpage indicates that you can negate a subnet from the mapping.
> > If I do the following on Node A, it seems to get me a bit closer:
> >
> > map sip0 from 10.0.0.0/8 ! to 192.168.42.0/24 -> 192.168.42.22/32 tcp/udp 10000:20000
> > map sip0 from 10.0.0.0/8 ! to 192.168.42.0/24 -> 192.168.42.22/32
> >
> > I'm just having trouble confirming that 100%, as I don't have access to any systems on
> > LAN-Z right now.
>
> Simon,
>
> I just switched the sources in the trunk from IP Filter to PF.
> PF has a more expressive NAT language than IP Filter does. I feel
> certain that you can write the rules you need in PF. Look at
> cuw/trunk/src/boot-image/extras/etc/dhclient-exit-hooks for the place
> where I write the NAT rules.
>
> Dave
>
> --
> David Young OJC Technologies
> dyoung at ojctech.com Urbana, IL * (217) 278-3933
>
More information about the CU-Wireless
mailing list