When you get just 1 internet IP address from your ISP, and you want to allow more computers access to the internet (without using proxy servers) you need NAT (Network Address Translation). Setting it up is easy, if you pay attention 🙂
You need 2 network cards/interfaces installed in your machine:
/dev/pub0 is my network interface connected to the internet,
/dev/priv0 is my network interface connected to the internal network.
Replace occurrences of <pub0> and <priv0> with your network interface device names and remove the < > characters too. You can find your network interface names with the command:
Edit /etc/rc.conf and check that your network cards are set up correctly. If your 'public' network card is connected to the internet through a DSL or cable modem, your ISP may provide you with an IP address; in that case you'll probably already have 'ifconfig_pub0="DHCP"' in your rc.conf. My ISP gave me a fixed IP address (actually, a complete range), so in my case it's different:
ifconfig_pub0="inet <my.public.ip.address> netmask <my.public.net.mask>"
Now for the second network card, that is connected to your internal network:
ifconfig_priv0="inet 10.0.0.1 netmask 255.0.0.0"
You can choose any private network range (10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/…) as long as it’s not already used in your network.
Make sure the following lines are there (replace <pub0> with your own network interface, e.g. ‘rl0’):
gateway_enable="YES" # enable gateway
firewall_enable="YES" # and firewall
firewall_script="/etc/rc.firewall" # firewall configuration file
firewall_type="open" # firewall type ("open" passes all traffic)
firewall_quiet="NO" # show all firewall rules
natd_enable="YES" # enable natd
natd_program="/sbin/natd" # path to natd
natd_interface="<pub0>" # public/external network interface
natd_flags="-f /etc/natd.conf" # extra options to natd
Test it (by starting natd manually):
natd -n <pub0>
ipfw -q add 00050 divert natd ip4 from any to any via <pub0>
= Setting up the client =
Set up a computer ('client') on your internal network, IP address 10.0.0.2, netmask 255.0.0.0, gateway 10.0.0.1, and DNS servers from your ISP (you can probably find them with 'cat /etc/resolv.conf').
= Testing natd connectivity =
On this client PC, go to a shell (that’s: Start → Run → cmd → [ok] for you Windows people, or WindowsKey-R → cmd → [ok] for Vista unfortunates):
If everything is ok (no firewalls in the way) you should get ‘Response from 10.0.0.1 …’.
Next, ping another IP address (you can use the DNS server you found a moment ago):
If this works, natd works. Note: some servers and internet sites block ‘ping’. Test whether you can ping the address from your server; if that works, it should work from any client too.
Now test if you can ping a website by its name.
If this works, you can start your internet browser, and use the internet with multiple computers.
Reboot, to make sure natd is started automatically/correctly upon the next boot.
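Before that reboot, the rc.conf entries from the server setup can be linted for copy-paste mistakes such as typographic quotes and leftover <pub0> placeholders. This is an added example, not part of the original post; the function names rc_get and check_nat_rc and the sample file contents are made up for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): lint the NAT settings in an
# rc.conf-style file without sourcing it. Key names are the ones on this page.

# Print the last value assigned to key $2 in file $1, outer quotes stripped.
rc_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Print one line per finding; return 0 only if nothing blocks NAT from starting.
check_nat_rc() {
    f=$1; bad=0
    # Typographic quotes are not shell quotes: they become part of the value.
    if grep -v '^[[:space:]]*#' "$f" | grep -q -F -e '“' -e '”' -e '″'; then
        echo "typographic quotes found: retype them as plain \""; bad=1
    fi
    for key in gateway_enable firewall_enable natd_enable; do
        if [ "$(rc_get "$f" "$key")" != "YES" ]; then
            echo "$key is not set to YES"; bad=1
        fi
    done
    iface=$(rc_get "$f" natd_interface)
    case $iface in
        ''|*'<'*|*'>'*) echo "natd_interface is empty or still a <placeholder>"; bad=1 ;;
    esac
    if [ "$(rc_get "$f" firewall_type)" = "open" ]; then
        echo "note: firewall_type is open, so rc.firewall passes all traffic"
    fi
    return $bad
}

# Constructed sample: one line pasted with typographic quotes, one placeholder left in.
sample=$(mktemp)
cat > "$sample" <<'EOF'
gateway_enable=”YES”      # enable gateway
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="<pub0>"
EOF
check_nat_rc "$sample" || echo "fix the lines above before rebooting"
rm -f "$sample"
```

On the real machine, run check_nat_rc /etc/rc.conf; the script only reads the file and never executes it.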