From owner-freebsd-isp  Tue Nov 13  9:18:32 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from web20102.mail.yahoo.com (web20102.mail.yahoo.com [216.136.226.39])
	by hub.freebsd.org (Postfix) with SMTP id B320337B405
	for <freebsd-isp@freebsd.org>; Tue, 13 Nov 2001 09:18:27 -0800 (PST)
Message-ID: <20011113171827.77688.qmail@web20102.mail.yahoo.com>
Received: from [62.11.71.109] by web20102.mail.yahoo.com via HTTP; Tue, 13 Nov 2001 18:18:27 CET
Date: Tue, 13 Nov 2001 18:18:27 +0100 (CET)
From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= <freefabri@yahoo.it>
Subject: RE: Nat Gateway Firewall rules
To: john@day-light.com
Cc: freebsd-isp@freebsd.org
In-Reply-To: <000401c16c5a$c30f49a0$1505010a@daylight.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-isp.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-isp>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-isp>
X-Loop: FreeBSD.org

many thanks for help,now I've tought to another
problem, I've read on the FreebSD Handbook
(cap17.11-Nat) and the natd manual page that with the
option -redirect_address, if I have for example a www
server I can redirect the traffic to this server wich
is on the internal Lan or also to another machine with
public Ip.
But the problem is: if I have two or more web servers
in the lan or also out of the Lan which they must be
reached from the internet how can I redirect with
natd?
Because with natd I can redirect (I understood) only
one machine for one service.
Shortly the scheme:

		INTERNET
		  |
                  |PublicIP1
                +---------+
                | NAT     |
		|Firewall |
                +---------+       PublicIP2
    +----+        |  |           +------+
    |WWW1|--------+  +-----+-----| WWW2 |
    +----+                 |     +------+
      PublicIp3            |
      or InternalLan1      |DNS


Thanks,bye

 
--- John Brooks <john@day-light.com> ha scritto: > Try
these:
> 
> http://www.obfuscation.org/ipf/
> 
> http://geodsoft.com/howto/harden/
> 
> --
> John Brooks
> Email:  john@stlbsd.org 
> 
> -----Original Message-----
> 
> ...snip...
> 
> I must provide a strong Firewall set of rules on the
> nat, where can I find some docs to do such a thing?
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the
message 

______________________________________________________________________

Abbonati a Yahoo! ADSL con Atlanet!
Naviga su Internet ad alta velocitą, e senza limiti di tempo! 
Per saperne di pił vai alla pagina http://adsl.yahoo.it

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message