Date: Wed, 26 Apr 2000 12:07:12 +1000 From: Imran Ahmad <imran.ahmad@bby.com.au> To: freebsd-questions@FreeBSD.ORG Subject: natd help Message-ID: <4.2.2.20000426114322.00acbb10@kid>
next in thread | raw e-mail | index | archive | help
Hi;
I am running FreeBSD 3.2 release and using it as a firewall. I am running
"ipfw" kit. It's working fine and now I want to enable "nat" services on my
firewall.
I have added the following rules to my firewall config file.
1. if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
$fwcmd 50 add divert natd all from any to any via ${natd_interface}
natd_enable=
fi
2. On internal interface, I have added the following line, for each
possible subnet
$fwcmd add 10100 deny all from any to private network:255.255.0.0
${natd_enabled:+out} via ${oif}
( oif is my external interface)
I am running "nat" from "rc.local" script with the following lines in it.
/sbin/natd -f /etc/natd.conf
And my /etc/natd.conf file looks like this;
----------------------------------------------------------------------------
----------------------------
log_denied yes
log_facility local
# translate outgoing packets only if they have RFC1918 addresses
#This is the line, If I want to send my Unregistered addresses to the world
unregistered_only yes
interface fxp0
redirect_port tcp Private Address:443 Public Address:443
----------------------------------------------------------------------------
--------------------------------
And I have defined a DNS entry pointing to my external server.
I am running "https" server on my internal server, and want to divert each
request for "443" to my internal server.
"Natd" is running, but It's not diverting the request for port "443" to my
internal server. Can any body please help me out.
Thanks;
______________________________________________________________
Imran Ahmad imran.ahmad@bby.com.au
Infrastructure System Manager
Phone:+61 2 92260000 Direct:+61 2 9226 0059
Mobile:+61 412 560059 Fax: +61 2 9226 0066
______________________________________________________________
This electronic mail may contain general securities advice or
personal securities recommendations which, while believed to
be accurate at the time of publication, are not appropriate
for all persons or accounts. Persons or entities considering
any advice or recommendations should contact a Burdett
Buckeridge Young adviser with any additional questions
regarding whether or not the recommendations given are
suitable to the person~Rs investment objectives, financial
situation and particular needs. From time to time, BBY, its
officers, directors, associates and the writer of this
report may hold a position in the securities covered.
Burdett Buckeridge Young does not accept liability (other
than statutory liability) for any errors or omissions or for
loss or damage incurred as a result of a person or entity
acting in reliance on this document or any attachments.
_____________________________________________________________
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000426114322.00acbb10>