Date: Thu, 10 Jan 2002 23:38:01 -0600
From: "Chad Albert" <chadalbert@home.com>
To: <freebsd-questions@FreeBSD.ORG>
Subject: Re: natd
Message-ID: <01fa01c19a62$2ec799b0$14010f0a@spgcalbert>
References: <001c01c19a52$3c1bb890$14010f0a@spgcalbert>

I found my answer. Thanks anyway. I just needed to add an alias address to
my redirect_port rule like this:

    redirect_port tcp 10.15.1.20:5001 my.outside.address.a:5001

That'll teach me to go to the man pages first huh :-O

----- Original Message -----
From: "Chad Albert" <chadalbert@home.com>
To: <freebsd-questions@FreeBSD.ORG>
Sent: Thursday, January 10, 2002 9:44 PM
Subject: natd

> Hello all!
> I have an interesting task at hand and I need some help. I am setting up
> a firewall/NAT box with natd and ipfirewall (ipfw). My outside NIC has two
> addresses and I am port forwarding a TCP port to the inside. My problem is
> that when someone hits outside address B they get forwarded to my internal
> server and the outbound responses head back through the firewall only to
> head out through outside address A. As you can imagine this does not work
> since the outbound traffic's first packet is a SYN + ACK packet from an
> address that the client never sent a SYN packet to. Does anyone know how to
> make sure that communication on a certain port always goes out as a specific
> address and all other outbound initiated traffic goes out the other address?
>
> current natd config file:
>
> redirect_port tcp 10.15.1.20:21 21
> redirect_port tcp 10.15.1.4:443 3389
> redirect_port tcp 10.15.1.20:5001 5001
>
> I would really like to make sure that any traffic that gets forwarded can go
> out using the address it originally came in on.
>
> Any suggestions are greatly appreciated!
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
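
Added example, not part of the original message and not natd or libalias code: a simplified Python model of the behaviour described in the thread, where a redirect_port rule written with only a port forwards the connection but the reply leaves from the default outside address, and a rule with an alias address pins both directions to that address. The 192.0.2.x addresses and every function name here are constructed for illustration.

```python
# Simplified model of the redirect behaviour described in the post.
# Constructed for illustration; not natd or libalias source code.
from dataclasses import dataclass
from typing import Optional, Tuple

DEFAULT_OUTSIDE = "192.0.2.1"  # constructed: address natd uses for outbound traffic
OTHER_OUTSIDE = "192.0.2.2"    # constructed: second address on the outside NIC


@dataclass(frozen=True)
class Redirect:
    proto: str
    target_ip: str
    target_port: int
    alias_port: int
    alias_ip: Optional[str] = None  # None: the rule gives only a port


def parse_redirect(line: str) -> Redirect:
    """Parse 'redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT'."""
    fields = line.split()
    if len(fields) != 4 or fields[0] != "redirect_port":
        raise ValueError(f"unsupported rule: {line!r}")
    target_ip, target_port = fields[2].rsplit(":", 1)
    alias_ip, _, alias_port = fields[3].rpartition(":")
    return Redirect(fields[1], target_ip, int(target_port), int(alias_port), alias_ip or None)


def forward(rule: Redirect, dst_ip: str, dst_port: int) -> Optional[Tuple[str, int]]:
    """Inside (ip, port) an inbound packet is redirected to, or None."""
    if dst_port != rule.alias_port:
        return None
    if rule.alias_ip is not None and dst_ip != rule.alias_ip:
        return None  # rule is pinned to a different outside address
    return rule.target_ip, rule.target_port


def reply_source(rule: Redirect) -> str:
    """Outside address stamped on the server's reply (the SYN+ACK)."""
    return rule.alias_ip or DEFAULT_OUTSIDE


def handshake_completes(rule: Redirect, contacted_ip: str) -> bool:
    """True when the SYN is forwarded and the SYN+ACK comes back from the
    address the client contacted; otherwise the client discards the reply."""
    if forward(rule, contacted_ip, rule.alias_port) is None:
        return False
    return reply_source(rule) == contacted_ip
```
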