Det er meget let faktisk. Det eneste du skal er at følge eksemplet i man filen natd ved at skrive \"man natd\" på din FBSD box. Så nederst så står det. Ellers har jeg lavet en copy paste af det her og siden hvor der står man om det er.
http://www.freebsd.org/cgi/man.cgi?natdRUNNING NATD
The following steps are necessary before attempting to run :
1. Build a custom kernel with the following options:
options IPFIREWALL
options IPDIVERT
Refer to the handbook for detailed instructions on building a custom
kernel.
2. Ensure that your machine is acting as a gateway. This can be done
by specifying the line
gateway_enable=YES
in the /etc/rc.conf file or using the command
sysctl -w net.inet.ip.forwarding=1
3. If you use the -interface option, make sure that your interface is
already configured. If, for example, you wish to specify `tun0\' as
your interface, and you are using ppp(8) on that interface, you must
make sure that you start ppp prior to starting .
Running natd is fairly straight forward. The line
natd -interface ed0
should suffice in most cases (substituting the correct interface name).
Please check rc.conf(5) on how to configure it to be started automatical
ly during boot. Once natd is running, you must ensure that traffic is
diverted to :
1. You will need to adjust the /etc/rc.firewall script to taste. If
you are not interested in having a firewall, the following lines
will do:
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via ed0
/sbin/ipfw add pass all from any to any
The second line depends on your interface (change `ed0\' as appropri
ate).
You should be aware of the fact that, with these firewall settings,
everyone on your local network can fake his source-address using
your host as gateway. If there are other hosts on your local net
work, you are strongly encouraged to create firewall rules that only
allow traffic to and from trusted hosts.
If you specify real firewall rules, it is best to specify line 2 at
the start of the script so that natd sees all packets before they
are dropped by the firewall.
After translation by , packets re-enter the firewall at the rule
number following the rule number that caused the diversion (not the
next rule if there are several at the same number).
2. Enable your firewall by setting
firewall_enable=YES
in /etc/rc.conf. This tells the system startup scripts to run the
/etc/rc.firewall script. If you do not wish to reboot now, just run
this by hand from the console. NEVER run this from a remote session
unless you put it into the background. If you do, you will lock
yourself out after the flush takes place, and execution of
/etc/rc.firewall will stop at this point - blocking all accesses
permanently. Running the script in the background should be enough
to prevent this disaster.