# ipfw & natd redirect_address



## dondugger (Apr 24, 2014)

Hi all,

I need a little help.

*M*y rc.conf:


```
gateway_enable="YES"
natd_enable="YES"
natd_interface="xl0"
natd_flags="-f /etc/natd.conf"

ifconfig_xl0="inet 74.92.224.225 netmask 255.255.255.0"
ifconfig_xl0_alias0="inet 74.92.224.227 netmask 255.255.255.255"
ifconfig_xl0_alias1="inet 74.92.224.226 netmask 255.255.255.255"
ifconfig_xl0_alias2="inet 74.92.224.228 netmask 255.255.255.255"
ifconfig_xl0_alias3="inet 74.92.224.229 netmask 255.255.255.255"

ifconfig_re0="up"
ifconfig_re1="up"
cloned_interfaces="lagg0"
ifconfig_lagg0="laggproto loadbalance laggport re0 laggport re1 172.27.240.33 netmask 255.255.0.0"

firewall_client_net="172.27.0.0:255.255.0.0"
firewall_enable="YES"
firewall_logging="YES"
firewall_type="/etc/ipfw.rules"
```

*M*y natd.conf:


```
interface xl0
use_sockets yes
same_ports yes
redirect_address 172.27.240.44 74.92.224.227
```

*M*y ipfw.rules:


```
add 50 divert natd log ip4 from any to any via xl0
add 2000 pass all from 172.27.0.0:255.255.0.0 to 172.27.0.0:255.255.0.0 via 172.27.240.33
add 2040 deny log all from any 23 to any
add 2050 deny log all from any to any 23
add 2060 deny log all from any 111 to any
add 2070 deny log all from any to any 111
add 2080 deny log all from any 221 to any
add 2090 deny log all from any to any 221
add 2100 deny log all from any 222 to any
add 2110 deny log all from any to any 222
add 5000 pass all from any to any
```

Everything works fine expect coming into 74.92.224.227 does not go to 172.27.240.44 it ends up on the gateway fine but not on the LAN.

thx Thanks in advance.

Don


----------

