

NAT with ipnat on FreeBSD

Page history last edited by trunasuci 10 years, 10 months ago



Just make the topics easy....

How do you make your FreeBSD box (or NetBSD, but you need to fix the NIC name and /etc/rc.conf to match NetBSD style) act as a router?




This is my FreeBSD gateway with ipnat..





step 1- Install FreeBSD. Any version will do..



step 2- Done? Then edit /etc/rc.conf and add something like this:









step 3- Create your rules file in /etc (here it's named ipnat.rules, but you can name it anything you like).

Check your NIC IPs, especially the one facing your network, which will act as the gateway IP:


trunasuci# ifconfig

xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1492


        ether XXXXXX

        inet netmask 0xff000000 broadcast

        media: Ethernet autoselect (100baseTX <full-duplex>)

        status: active

xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500


        ether XXXXXX

        inet netmask 0xffffff00 broadcast

        media: Ethernet autoselect (100baseTX)

        status: active

plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384

        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4

        inet6 ::1 prefixlen 128

        inet netmask 0xff000000

tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492

        inet 60.48.XX.XX --> netmask 0xffffffff

        Opened by PID 1251





For example, if the NIC facing your network, which will become the gateway, is xl1, then your ipnat.rules file should look like this:

map xl1 -> 0/32


then SAVE!
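
A check worth running on the saved rules file before loading it, as an added example that is not part of the original page: a small shell lint for ipnat map rules. It assumes the rule shape from ipnat(5), map <ifname> <source>/<mask> -> <target>/<mask>; the function names, the 192.168.1.0/24 network and the choice to reject a 0/0 source are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): lint ipnat "map" rules before
# loading them with `ipnat -f`. Assumed rule shape, per ipnat(5):
#   map <ifname> <source>/<mask> -> <target>/<mask> [options]

# check_map_rule "<known interfaces>" "<rule line>"
# Prints a verdict; returns 0 when the rule passes, 1 when it does not.
check_map_rule() {
    ifaces=$1
    set -f                 # do not glob-expand rule fields
    set -- $2              # split the rule into whitespace-separated fields
    set +f
    if [ "$1" != "map" ] || [ "$#" -lt 5 ] || [ "$4" != "->" ]; then
        echo "BAD: expected 'map <if> <source> -> <target>'"
        return 1
    fi
    case " $ifaces " in
        *" $2 "*) ;;
        *) echo "BAD: interface '$2' is not on this host"; return 1 ;;
    esac
    case "$3" in
        0/0|0.0.0.0/0)     # policy of this example: name the LAN explicitly
            echo "BAD: source $3 translates any address, name the LAN instead"
            return 1 ;;
        *[!0-9./]*|*/*/*)
            echo "BAD: source '$3' is not an address/mask pair"; return 1 ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) ;;
        *) echo "BAD: source '$3' is not an address/mask pair"; return 1 ;;
    esac
    echo "OK: $2 translates $3 to $5"
    return 0
}

# Constructed sample rules; 192.168.1.0/24 is a placeholder LAN, not the
# page's network. Interface names come from the ifconfig output above.
lint_samples() {
    while IFS= read -r rule; do
        printf '%s\n  ' "$rule"
        check_map_rule "xl0 xl1 tun0" "$rule" || true
    done <<'EOF'
map xl1 192.168.1.0/24 -> 0/32
map xl1 -> 0/32
map xl1 0/0 -> 0/32
map fxp0 192.168.1.0/24 -> 0/32
EOF
}
lint_samples
```

Only the first sample rule passes; the others are rejected for a missing source, an any-address source, and an interface that is not in the host's list.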








step 4-

Run ipnat. I always flush first and then run ipnat, pointing it at the rules file:



trunasuci# ipnat -FC && ipnat -f /etc/ipnat.rules

2 entries flushed from NAT table

4 entries flushed from NAT list



trunasuci# ipnat -l

List of active MAP/Redirect filters:

map xl1 ->


So it's running!


On your client PC/box, just set the IP of xl1 as the gateway ( in this case it's )


Voilà! It runs!!





Test from NetBSD as a client/server behind the FreeBSD gateway:


netbsd# nslookup www.yahoo.com



Non-authoritative answer:

www.yahoo.com   canonical name = www.wa1.b.yahoo.com.

www.wa1.b.yahoo.com     canonical name = www-real.wa1.b.yahoo.com.

Name:   www-real.wa1.b.yahoo.com


netbsd# uname -a

NetBSD netbsd.trunasuci.opensource.my 3.1_STABLE NetBSD 3.1_STABLE (GENERIC) #0: Thu Jan  1 11:38:51 MYT 2009  root@:/usr/obj/sys/arch/i386/compile/GENERIC i386













