From owner-freebsd-questions Mon Mar 10 14:42:17 2003
Date: Mon, 10 Mar 2003 23:42:11 +0100
From: Sanne Taaij
To: freebsd-questions@FreeBSD.ORG
Subject: Reaching FTP on internal network behind NAT/router FreeBSD 4.7
Message-ID: <3E698EB5@webmail.helo.hanze.nl>

I run FreeBSD 4.7.

My goal is to connect from the internet to my FTP which is running on my internal network at :6666. So I figured to use port redirection on my FreeBSD NAT/router, which consists of 2 NICs, rl0 and rl1.

------------------
/etc/rc.conf

defaultrouter=
firewall_type="open"
natd_flags="-s -u -m redirect_port tcp :6666 6666 redirect_port udp :6666 6666"
------------------

Is this enough to let it work? I can't connect with an FTP client from one of the internal IP addresses to my public address. The firewall is configured "open".
Should I add a rule like this:

-------------------
/etc/rc.firewall

$fwcmd add pass tcp from any 6666 to any 6666
$fwcmd add pass udp from any 6666 to any 6666
-------------------

to let it work? Maybe add a keep-state rule...?