From: "Chad Albert"
Sender: owner-freebsd-questions@FreeBSD.ORG
Subject: Re: natd
Date: Thu, 10 Jan 2002 23:38:01 -0600
Message-ID: <01fa01c19a62$2ec799b0$14010f0a@spgcalbert>
References: <001c01c19a52$3c1bb890$14010f0a@spgcalbert>

I found my answer. Thanks anyway. I just needed to add an alias address to
my redirect_port rule like this:

redirect_port tcp 10.15.1.20:5001 my.outside.address.a:5001

That'll teach me to go to the man pages first, huh :-O

----- Original Message -----
From: "Chad Albert"
Sent: Thursday, January 10, 2002 9:44 PM
Subject: natd

> Hello all!
> I have an interesting task at hand and I need some help. I am setting up
> a firewall/NAT box with natd and ipfirewall (ipfw). My outside NIC has two
> addresses and I am port forwarding a TCP port to the inside. My problem is
> that when someone hits outside address B they get forwarded to my internal
> server and the outbound responses head back through the firewall only to
> head out through outside address A. As you can imagine this does not work
> since the outbound traffic's first packet is a SYN + ACK packet from an
> address that the client never sent a SYN packet to. Does anyone know how to
> make sure that communication on a certain port always goes out as a specific
> address and all other outbound initiated traffic goes out the other address?
>
> current natd config file:
>
> redirect_port tcp 10.15.1.20:21 21
> redirect_port tcp 10.15.1.4:443 3389
> redirect_port tcp 10.15.1.20:5001 5001
>
> I would really like to make sure that any traffic that gets forwarded can go
> out using the address it originally came in on.
>
> Any suggestions are greatly appreciated!
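
The fix in the reply pins one rule to an outside address, while the other two rules in the quoted config still name only a port. As an added example (not part of the original thread), this small check reads a natd config and reports every redirect_port rule that has no alias address. The function names are hypothetical, the sample config is constructed from the lines quoted above, and only the single-target form of redirect_port is handled.

```python
"""Flag natd redirect_port rules that do not name an alias (outside) address."""

# Constructed sample: two rules from the quoted config plus the corrected rule
# from the reply. "my.outside.address.a" is the thread's own placeholder.
SAMPLE_CONF = """\
# natd.conf (constructed sample)
redirect_port tcp 10.15.1.20:21 21
redirect_port tcp 10.15.1.4:443 3389
redirect_port tcp 10.15.1.20:5001 my.outside.address.a:5001
"""


def parse_redirect_port(line):
    """Parse 'redirect_port proto targetIP:port [aliasIP:]aliasPort'.

    Returns a dict, or None if the line is not a redirect_port rule.
    Only the single-target form is handled (assumption of this example).
    """
    fields = line.split("#", 1)[0].split()  # '#' starts a comment in natd.conf
    if len(fields) < 4 or fields[0] != "redirect_port":
        return None
    target_ip, _, target_port = fields[2].rpartition(":")
    alias_ip, _, alias_port = fields[3].rpartition(":")
    return {
        "proto": fields[1],
        "target_ip": target_ip,
        "target_port": target_port,
        "alias_ip": alias_ip or None,  # None: no alias address given in the rule
        "alias_port": alias_port,
    }


def unpinned_rules(conf_text):
    """Return (line_number, rule) for every rule without an explicit alias IP."""
    hits = []
    for number, line in enumerate(conf_text.splitlines(), start=1):
        rule = parse_redirect_port(line)
        if rule is not None and rule["alias_ip"] is None:
            hits.append((number, rule))
    return hits


if __name__ == "__main__":
    for number, rule in unpinned_rules(SAMPLE_CONF):
        print(f"line {number}: {rule['proto']} port {rule['alias_port']} -> "
              f"{rule['target_ip']}:{rule['target_port']} has no alias address")
```

On the sample, the rules for ports 21 and 3389 are reported and the corrected 5001 rule is not.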