|
Lines 1280-1285
Link Here
|
| 1280 |
</sect4> |
1280 |
</sect4> |
| 1281 |
</sect3> |
1281 |
</sect3> |
| 1282 |
|
1282 |
|
|
|
1283 |
<sect3 id="userppp-nat"> |
| 1284 |
<title>Using PPP Network Address Translation Capability</title> |
| 1285 |
<indexterm><primary>PPP</primary><secondary>NAT</secondary></indexterm> |
| 1286 |
|
| 1287 |
<para>PPP has ability to use internal NAT without kernel diverting |
| 1288 |
capabilities. This functionality may be enabled by the following |
| 1289 |
line in <filename>/etc/ppp/ppp.conf</filename>:</para> |
| 1290 |
|
| 1291 |
<programlisting>nat enable yes</programlisting> |
| 1292 |
|
| 1293 |
<para>Alternatively, PPP NAT may be enabled by command-line |
| 1294 |
option <literal>-nat</literal>. There is also |
| 1295 |
<filename>/etc/rc.conf</filename> knob named |
| 1296 |
<literal>ppp_nat</literal>, which is enabled by default.</para> |
| 1297 |
|
| 1298 |
<para>If you use this feature, you may also find useful |
| 1299 |
the following <filename>/etc/ppp/ppp.conf</filename> options |
| 1300 |
to enable incoming connections forwarding:</para> |
| 1301 |
|
| 1302 |
<programlisting>nat port tcp 10.0.0.2:ftp ftp |
| 1303 |
nat port tcp 10.0.0.2:http http</programlisting> |
| 1304 |
|
| 1305 |
<para>or don't trust the outside at all</para> |
| 1306 |
|
| 1307 |
<programlisting>nat deny_incoming yes</programlisting> |
| 1308 |
</sect3> |
| 1309 |
|
| 1283 |
<sect3 id="userppp-final"> |
1310 |
<sect3 id="userppp-final"> |
| 1284 |
<title>Final System Configuration</title> |
1311 |
<title>Final System Configuration</title> |
| 1285 |
<indexterm><primary>PPP</primary><secondary>configuration</secondary></indexterm> |
1312 |
<indexterm><primary>PPP</primary><secondary>configuration</secondary></indexterm> |