From owner-freebsd-questions  Wed Oct 20 22:18:34 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from cummings.uol.com.br (cummings.uol.com.br [200.230.198.69])
	by hub.freebsd.org (Postfix) with ESMTP
	id 919C414C43; Wed, 20 Oct 1999 22:18:15 -0700 (PDT)
	(envelope-from julianherrera@uol.com.br)
Received: from etherial (200-191-20-242-as.acessonet.com.br [200.191.20.242])
	by cummings.uol.com.br (8.9.1/8.9.1) with SMTP id DAA09174;
	Thu, 21 Oct 1999 03:18:09 -0200 (BRST)
Message-ID: <001701bf1b83$812f7520$0201a8c0@etherial>
From: "Julian Diego Herrera Braga" <julianherrera@uol.com.br>
To: <freebsd-ipfw@FreeBSD.ORG>
Cc: <freebsd-questions@FreeBSD.ORG>
References: <Pine.OSF.4.10.9910202112340.18550-100000@jaguar.ir.miami.edu>
Subject: Re: Re: What about port redirection with ip aliasing ?
Date: Thu, 21 Oct 1999 03:16:57 -0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



I already checked out this manpage (I always verify the manpages before
appealing to mailing lists), and I didn't find anything applicable well.
In the ppprouter.nostromo machine (the gateway) I run ppp -alias to
connect to the Internet (with tun0), connect through the tun1 device
to the ether.nostromo (the client) and finally run natd with several
configurations like :

natd -v -s -redirect_port tcp 192.168.1.2:21 6666 -redirect_address \
192.168.1.2 0.0.0.0 -n tun0

where 192.168.1.2 is ether.nostromo's IP, tun0 is the modem connection
interface to the ISP and Internet.

but when I try to telnet 200.191.20.193 6666 (where 200.191.20.193 is
the public IP number of the local gateway computer) the connection is not
made and the debug messages doesn't show any redirection from 200.230.180.18
(the ISP gateway) to the 192.168.1.2 on the 6666 port, only a redirection
to the local gateway IP (in this case 200.191.20.193). So, I think there is
no redirection to the ether.nostromo computer in the LAN.
Also, using the 'portscanner' program on the local gateway computer
(ppprouter)
it doesn't show any new port (maybe the 6666, I think so).
So, what's wrong ? Am I forgetting anything foolish ? May I use another
program
like ipfw (the local gateway is running a firewall, wich every time I run
after
the ppp connections and before natd) ? I'm using these ipfw options, as shown
in
the natd manpage :

ipfw -f flush
ipfw add divert natd all from any to any via tun0
ipfw add pass all from any to any

Thanks in advance...

------- Original Reply Folows -------------------
> Check out the ppp manpage.  The nat port command (or alias port) should do
> what you want.  To quote:
>
>   nat port proto targetIP:targetPort[-targetPort] aliasPort[-aliasPort]
>              [remoteIP:remotePort[-remotePort]]
>              This command causes incoming proto connections to aliasPort
>      to be redirected to targetPort on targetIP. proto is either
>      ``tcp'' or ``udp''.
>
> Joe Clarke

------ Original Message Follows ------------------------

> On Wed, 20 Oct 1999, Julian Diego Herrera Braga wrote:
>
> > Hello...
> >
> > One day my computer was without available ISA slots. I installed FreeBSD
but
> > the damned Winmodem doesn't work, so I had a idea to resurrect the other
> > pentium 100 computer to use its free slots to install an old 14kbps
modem.
> > FreeBSD was also loaded in this computer as a gateway to the other
computer
> > without modem and the internet by ip aliasing (ppp -alias). Since the
> > gateway computer doesn't have better space (170mb) and power to install
some
> > other programs, I would like to use it only for a gateway. This is the
small
> > LAN :
> >
> > ------------------         ----------------------
> > | ether.nostromo | serial  | ppprouter.nostromo | 14kbps  ------------
> > |   192.168.1.2  |---------|     192.168.1.1    |---------| Internet |
> > ------------------ cable   ---------------------- modem   ------------
> > P2 450Mhz                      Old Pentium 100 Mhz
> > FreeBSD 3.2                    FreeBSD 3.1
> > (ppp nullmodem)                (ppp -alias isp)
> >                                (ppp nullmodem)
> >                                natd [options]
> >
> > My problems appeared when I tried to access the client computer from
> > internet through the gateway. Such connection always finished on the
> > gateway computer. Finally, what I want to know is how can I get all
> > the gateway ports from telnetd, ftpd, httpd etc. redirected to the
> > respective client ports. Basically, is something like to make the
> > gateway computer ports invisible to the outside computers, so any
> > connection addressed to its IP will finish into the client computer
> > (ether.nostromo). Is this possible ? How ? Thank you for the attention.
> >
> > P.S.: I've used "natd -port_redirect 192.168.1.1:ftp ftp" and nothing has
> > changed. I tried some other options, but I am not sure what is the best
> > one. Is there any known natd guide on the internet for FreeBSD ?
> >
> > Regards,
> > Julian Herrera mailto:julianherrera@uol.com.br





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message