1. Modify the kernel


Add:

options IPFIREWALL
options IPDIVERT


Recompile the new kernel


Save, run config, then make depend all install


2. Modify /etc/rc.conf


firewall_enable="YES" # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
firewall_type="OPEN" # Firewall type (see /etc/rc.firewall)
firewall_quiet="YES" # Set to YES to suppress rule display
natd_program="/sbin/natd" # path to natd, if you want a different one.
natd_enable="YES" # Enable natd (if firewall_enable == YES).
natd_interface="vr0" # Set to the network interface that faces the outside


3. Modify /etc/services
natd 8668/divert


4. Modify /etc/rc.firewall


/sbin/ipfw add 60000 divert 8668 all from any to any via vr0


For detailed usage, see man ipfw


P.S.: rc.conf and rc.firewall are both script files.
For detailed usage, see man rc


5. Reboot


6. Set the clients' gateway to the internal IP of the NAT host, and that's it
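
Before the reboot in step 5, the files edited in steps 2 to 4 can be checked against each other. The script below is an added example, not part of the original notes; the function names rc_value and check_natd_config are made up here, and it assumes the divert rule calls ipfw directly as in step 4.

```sh
#!/bin/sh
# Added example (not from the original notes): cross-check steps 2-4.
# Assumes the divert rule calls ipfw directly, as in step 4.

# rc_value FILE KEY: print the value of KEY="value" (last assignment wins).
rc_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#[:space:]]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# check_natd_config RC_CONF SERVICES RC_FIREWALL: returns the number of problems.
check_natd_config() {
    rcconf=$1 services=$2 rcfw=$3 problems=0
    fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

    [ "$(rc_value "$rcconf" firewall_enable)" = "YES" ] || fail "firewall_enable is not YES"
    [ "$(rc_value "$rcconf" natd_enable)" = "YES" ] || fail "natd_enable is not YES"
    iface=$(rc_value "$rcconf" natd_interface)
    [ -n "$iface" ] || fail "natd_interface is not set"

    # Step 3: divert port registered for natd in the services file.
    port=$(awk '$1 == "natd" && $2 ~ /\/divert$/ { sub(/\/divert$/, "", $2); print $2; exit }' "$services")
    [ -n "$port" ] || fail "no 'natd <port>/divert' entry in $services"

    # Step 4: the divert rule must use that port and the natd interface.
    rule=$(grep -E '^[^#]*ipfw[[:space:]]+add.*[[:space:]]divert[[:space:]]' "$rcfw" | head -n 1)
    if [ -z "$rule" ]; then
        fail "no ipfw divert rule in $rcfw"
    else
        rport=$(echo "$rule" | sed -n 's/.*[[:space:]]divert[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p')
        riface=$(echo "$rule" | sed -n 's/.*[[:space:]]via[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p')
        [ "$rport" = "$port" ] || [ "$rport" = "natd" ] ||
            fail "rule diverts to '$rport' but services lists '$port'"
        [ "$riface" = "$iface" ] || fail "rule is via '$riface' but natd_interface is '$iface'"
    fi

    # OPEN adds a pass-everything rule, so this host filters nothing by itself.
    [ "$(rc_value "$rcconf" firewall_type)" = "OPEN" ] &&
        echo "NOTE: firewall_type is OPEN; all traffic is allowed through"
    return "$problems"
}

# Run against real files only when three paths are given on the command line.
if [ $# -eq 3 ]; then check_natd_config "$@"; fi
```

Run it with the three file paths as arguments; an exit status of 0 means the interface and divert port agree across all three files.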



WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!

This program can put your computer in rather unusable state. When using
it for the first time, work on the console of the computer, and do NOT do
anything you don't understand.