Adding ipnat to FreeBSD 3.*

Adding ipnat to FreeBSD 3.*

See also IP Filter – an alternative firewall and
NAT to ipfw/natd
.

If you are planning on doing Network Address
Translation (NAT) or IP Masquerade (the Linux term for it), then under FreeBSD 3.*,
you can easily use ipnat.  This is a great little tool provided by Darren
Reed as part of his amazing packet filter ipfilter (the home page is http://coombs.anu.edu.au/~avalon/).

The following message indicates that your your kernel is not configured for ipfilter
and you will need to perform the steps outlined in the following sections of this article:

# ipnat -f /etc/ipnat.conf
/dev/ipnat: open: Device not configured

What is ipnat used for?

In simple, terms, NAT is the translation of internal addresses to external addresses.
  This is commonly done on a gateway machine such as a dial-up box at home where you
have more than one computer.  This allows all of your boxes to share a single
connection to your ISP.  You may be familiar with WinGate
which does a similar function.

One of the best how-to guides for ipfilter (ipnat)
is at:

http://www.obfuscation.org/ipf/

Enabling ipnat

The following instructions apply only if you are only ipnat and *not* adding IP
Filter
.  The IP Filter installation process will do the following steps
for you.

To enable ipnat, you need to add some configuration
options
to your kernel configuration file and then compile a new kernel.  This is
pretty easy.  Then you will need to follow the Handbook instructions Building and Installing
a Custom Kernel
.

The line you need to add for ipnat is:

options         IPFILTER                #kernel ipfilter support

Then compile your kernel and install it as per the handbook instructions

Configuring ipnat

I’ve already written about ipnat in another article.  Please refer to NAT rules for IP Filter for how I configured ipnat.

Leave a Comment

Scroll to Top