Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 21 Sep 2007 20:05:45 +0200
From:      Max Laier <max@love2party.net>
To:        freebsd-pf@freebsd.org
Subject:   Re: Weird Problem with NAT
Message-ID:  <200709212005.56060.max@love2party.net>
In-Reply-To: <991123400709211027g350059e5kbbef276fd6a6bd6b@mail.gmail.com>
References:  <991123400709211027g350059e5kbbef276fd6a6bd6b@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
--nextPart1598668.dlFP9klTe9
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Friday 21 September 2007, Washington Odhiambo wrote:
> Hello people,
>
> I have a box which I'd like to do some port forwarding to two boxes on
> my internal LAN.
>
> I have reduced my pf.conf to just the following:
>
> # define macros for each network interface
> extif =3D "em0"
> intif =3D "xl0"
> server =3D "192.168.0.2"
> exch_svr =3D "192.168.0.26"
>
> services=3D"{ 80, 110, 443, 53 }"
> exchange_svcs=3D"{ 3000 }"
>
> rdr pass on $extif inet proto tcp to port $services -> $server
> rdr pass on $extif inet proto tcp to port $exchange_svcs -> $exch_svr
> port 80 rdr pass on $extif inet proto { tcp, udp } to port $services ->
> $server
>
>
> Well, this server's external IP is 212.22.160.35, if anyone is
> interested.
>
> I have been trying whole day to get "telnet 212.22.160.35 110" to
> work, but it wouldn't.

=46rom where?

> From the server, I can connect to 192.168.0.2 port 110 without a=20
> problem.=20
>
> I am stuck at the moment.
>
> What am I missing?
>
> FreeBSD 6.2-STABLE here.

The dumps you sent in the other mail are pretty useless.  What is required=
=20
is a dump from the internal interface and/or from the destination router=20
itself.

Are you sure you got the routing right on all boxes?  Do you have=20
net.inet.ip.forwarding enabled?  Where are you trying from?

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--nextPart1598668.dlFP9klTe9
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)

iD8DBQBG9AgEXyyEoT62BG0RApJtAJ0WhHOiPoBzuLMXiU/NP2VDwVz0LACdGdCF
ZmigigTxpDb3R+0zcw/ZJ3E=
=/GFr
-----END PGP SIGNATURE-----

--nextPart1598668.dlFP9klTe9--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200709212005.56060.max>