We all know the trouble: today's stupid ISPs will only give you one IP address, so to connect more than one computer, we need to use RFC 1918 IP addresses, also known as private IP addresses. This is all nice and dandy when all you're doing is accessing servers on the internet from behind your router, which will inevitably use Network Address Translation (NAT) to allow you to do so. It's an incredible headache if you want to go the other way around: set up a service on one of your machines that people on the internet will be able to access.

You can only forward a single port once though, so take into consideration what machine you're forwarding to. You can't have two forwards for port 25, for instance, unless they are on different IP addresses. (On a side note, if you're forwarding webservers, use Apache's reverse proxy feature for that to allow multiple servers based on the URL.)

Unfortunately the machine I want to forward a port on doesn't run Linux. Given my knowledge of how this is done with the same tool as setting up a firewall in Linux, I set out to do the same on OS X and found that ipfw (the tool that manipulates firewall rules in BSDs and OS X) knows an action called 'forward'. Well, it just won't work properly.

Connection sharing in BSD is handled using a userland process called 'natd'. Incidentally, natd is also capable of properly forwarding ports to other machines.
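
The one-forward-per-port rule can be checked before natd is restarted. This added example (not from the original post) parses natd's `redirect_port` lines and reports pairs that claim the same protocol, alias IP and port; the sample config, its addresses and the function names are constructed for illustration.

```python
import re
from itertools import combinations

SAMPLE_CONF = """\
# constructed sample natd.conf, not from the original page
interface en0
redirect_port tcp 192.168.0.10:25 25
redirect_port tcp 192.168.0.11:25 25
redirect_port tcp 192.168.0.12:25 203.0.113.6:25
redirect_port tcp 192.168.0.20:8000-8010 8005-8015
redirect_port tcp 192.168.0.21:8010 8010
redirect_port udp 192.168.0.30:25 25
"""

# redirect_port proto target [aliasIP:]aliasPORT[-aliasPORT] [remote...]
RULE = re.compile(
    r"^redirect_port\s+(tcp|udp)\s+(\S+)\s+(?:([\d.]+):)?(\d+)(?:-(\d+))?(?:\s|$)")

def parse_rules(conf, default_alias):
    """Return (lineno, proto, alias_ip, first_port, last_port, target) tuples."""
    rules = []
    for lineno, line in enumerate(conf.splitlines(), 1):
        m = RULE.match(line.strip())
        if not m:
            continue  # comments, blank lines and other natd options
        proto, target, ip, lo, hi = m.groups()
        # A rule without an alias IP listens on natd's default alias address.
        rules.append((lineno, proto, ip or default_alias,
                      int(lo), int(hi or lo), target))
    return rules

def find_conflicts(conf, default_alias="default"):
    """Return line-number pairs whose proto, alias IP and port range collide.

    Simplification (assumption): the optional remote-address filter is
    ignored, so rules that differ only in that field are still reported.
    """
    conflicts = []
    for a, b in combinations(parse_rules(conf, default_alias), 2):
        same_listener = a[1] == b[1] and a[2] == b[2]
        ports_overlap = a[3] <= b[4] and b[3] <= a[4]
        if same_listener and ports_overlap:
            conflicts.append((a[0], b[0]))
    return conflicts

if __name__ == "__main__":
    for first, second in find_conflicts(SAMPLE_CONF):
        print(f"line {second} redirects a port already claimed on line {first}")
```

Passing the router's real external address as `default_alias` also catches a rule that names that address explicitly while another rule relies on the default.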