diff --git a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml index 6e05780864..f05e02fc8f 100644 --- a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml @@ -6142,7 +6142,7 @@ driftfile /var/db/ntp.drift FreeBSD's Network Address Translation daemon, commonly known as &man.natd.8; is a daemon that accepts incoming raw IP packets, changes the source to the local machine and re-injects these packets - back into the outgoing IP packet stream. natd does this by changing + back into the outgoing IP packet stream. &man.natd.8; does this by changing the source IP address and port such that when data is received back, it is able to determine the original location of the data and forward it back to its original requester. @@ -6165,7 +6165,7 @@ driftfile /var/db/ntp.drift provide Internet access to several more over a LAN. To do this, the FreeBSD machine on the Internet must act as a - gateway. This gateway machine must have two NICs--one for connecting + gateway. This gateway machine must have two NICs—one for connecting to the Internet router, the other connecting to a LAN. All the machines on the LAN are connected through a hub or switch. 
@@ -6264,60 +6264,63 @@ natd_flags="" assigned IP address numbers in the private network space as defined by RFC 1918 - and have a default gateway of the natd machine's internal IP + and have a default gateway of the natd machine's internal IP address. - For example, client a and - b behind the LAN have IP addresses of For example, client A and + B behind the LAN have IP addresses of 192.168.0.2 and 192.168.0.3, while the natd machine's LAN interface has an IP address of 192.168.0.1. Client a - and b's default gateway must be set to that - of the natd machine, 192.168.0.1. The natd machine's + role="ipaddr">192.168.0.1. Client A + and B's default gateway must be set to that + of the natd machine, 192.168.0.1. The natd machine's external, or Internet interface does not require any special - modification for natd to work. + modification for &man.natd.8; to work. Port Redirection - The drawback with natd is that the LAN clients are not accessible + The drawback with &man.natd.8; is that the LAN clients are not accessible from the Internet. Clients on the LAN can make outgoing connections to the world but cannot receive incoming ones. This presents a problem if trying to run Internet services on one of the LAN client machines. A simple way around this is to redirect selected Internet ports on the - natd machine to a LAN client. + natd machine to a LAN client. - For example, an IRC server runs on Client A, and a web server runs - on Client B. For this to work properly, connections received on ports + For example, an IRC server runs on client A, and a web server runs + on client B. For this to work properly, connections received on ports 6667 (IRC) and 80 (web) must be redirected to the respective machines. - The -redirect_port must be passed to + The must be passed to &man.natd.8; with the proper options. 
The syntax is as follows: - -redirect_port proto targetIP:targetPORT[-targetPORT] + -redirect_port proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] - [remoteIP[:remotePORT[-remotePORT]]] + [remoteIP[:remotePORT[-remotePORT]]] + + In the above example, the argument should be: - In the above example, the argument should be: -redirect_port tcp 192.168.0.2:6667 6667 -redirect_port tcp 192.168.0.3:80 80 + + This will redirect the proper tcp ports to the LAN client machines. - The -redirect_port argument can be used to indicate port + The argument can be used to indicate port ranges over individual ports. For example, tcp 192.168.0.2:2000-3000 2000-3000 would redirect all connections received on ports 2000 to 3000 to ports 2000 - to 3000 on Client A. + to 3000 on client A. These options can be used when directly running &man.natd.8; or placed within the - natd_flags="" option in + natd_flags="" option in /etc/rc.conf. For further configuration options, consult &man.natd.8; @@ -6335,16 +6338,17 @@ natd_flags="" the specific LAN client. This is also known as static NAT. For example, the IP addresses 128.1.1.1, 128.1.1.2, and - 128.1.1.3 belong to the natd gateway + 128.1.1.3 belong to the natd gateway machine. 128.1.1.1 can be used - as the natd gateway machine's external IP address, while + as the natd gateway machine's external IP address, while 128.1.1.2 and 128.1.1.3 are forwarded back to LAN - clients A and B. + clients A and B. + + The syntax is as follows: + + -redirect_address localIP publicIP - The -redirect_address syntax is as follows: - - 
@@ -6362,15 +6366,16 @@ natd_flags="" In the example, this argument would read: - - Like -redirect_port, these arguments are also placed within - natd_flags of /etc/rc.conf. With address + -redirect_address 192.168.0.2 128.1.1.2 +-redirect_address 192.168.0.3 128.1.1.3 + + Like , these arguments are also placed within + the natd_flags="" option of /etc/rc.conf. With address redirection, there is no need for port redirection since all data received on a particular IP address is redirected. - The external IP addresses on the natd machine must be active and aliased + The external IP addresses on the natd machine must be active and aliased to the external interface. Look at &man.rc.conf.5; to do so.
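Review bot: In the @@ -6165,7 hunk, the added line beginning "gateway. This gateway machine must have two NICs" replaces the ASCII "--" with a dash character that does not exist in ISO 8859-1, the encoding this file's path (en_US.ISO8859-1) declares. If the source carries the literal character rather than the &mdash; entity, please switch to the entity so the file stays valid in its declared encoding.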
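Review bot: In the @@ -6264,60 hunk, the syntax line lists the optional [aliasIP:] and [remoteIP[:remotePORT[-remotePORT]]] fields, but neither the surrounding text nor the two examples explain them, and both examples leave them out, so ports 6667 and 80 are forwarded from any remote address. Since this section is about opening LAN clients to the Internet, add a sentence describing the two optional fields and noting that remoteIP can narrow a redirect to known peers. Separately, "to indicate port ranges over individual ports" would read more clearly as "rather than individual ports".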
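Review bot: In the @@ -6335,16 hunk, the example keeps 128.1.1.1, 128.1.1.2 and 128.1.1.3 as the gateway's external addresses; these are publicly routable addresses that a reader may paste unchanged into a live configuration. While this paragraph is being touched, consider moving the example (here and in the -redirect_address lines of the following hunk) to an address block reserved for documentation, such as 192.0.2.0/24.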
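Review bot: In the @@ -6362,15 hunk, the sentence "there is no need for port redirection since all data received on a particular IP address is redirected" leaves out the consequence for the client: every port on 192.168.0.2 and 192.168.0.3 becomes reachable from the Internet, not only the IRC and web services from the port redirection example. Add a sentence telling the reader to filter traffic for the redirected addresses, on the gateway or on the client, so that only the intended services are exposed. The closing "Look at &man.rc.conf.5; to do so" could also say what to look for there, namely how to alias the extra addresses on the external interface.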