Date: Tue, 12 Sep 2000 17:54:31 -0700
From: edinel@zack.com
To: freebsd-questions@freebsd.org
Subject: Natd Failing to properly rewrite packets
Message-ID: <20000912175431.E10483@zack.com>

So I'm building a replacement for our current firewall.
Right now it's set up as a firewall_type="open" firewall
natd is running with the following conf file:

    log
    interface fxp0
    redirect_port tcp 10.0.2.12:80 80
    redirect_port tcp 10.0.0.2:22 22

IPDIVERT and IPFIREWALL are both compiled in.

And yet packets sent to port 80 of the interface never come back.
If I turn on verbose logging I get:

    natd[299]: Aliasing to 205.179.125.67, mtu 1500 bytes
    In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to
    [TCP] 205.179.125.70:3094 -> 10.0.2.12:80
    In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to
    [TCP] 205.179.125.70:3094 -> 10.0.2.12:80

The truly odd thing is if I try to forward port 80 to some other *external*
host, I get this:

    In [TCP] [TCP] 205.179.125.70:3095 -> 205.179.125.67:80 aliased to
    [TCP] 205.179.125.70:3095 -> 171.64.13.135:80
    Out [TCP] [TCP] 205.179.125.70:3095 -> 171.64.13.135:80 aliased to
    [TCP] 205.179.125.67:3095 -> 171.64.13.135:80

And the port-forwarding works.

I'm out of guesses, any help from the crowds?
--
| Eddie Dinel | eddie@zack.com |
| Zack Network | (650) 286 9225 x3032 |
|---------------------------------------------------------------------------|
| I don't know, it looks kinda like a squirrel to me... |
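
Added example, not part of the original message: a small parser for the natd verbose output quoted above that counts, per redirect target, how many translations natd logged in each direction, which makes the difference between the two excerpts explicit. The sample log is constructed from the lines in the message, and the function names are hypothetical.

```python
import re

# Constructed sample: the two natd verbose-log excerpts quoted in the message,
# concatenated. Each translation spans two lines ("... aliased to" + result).
SAMPLE_LOG = """\
In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to
[TCP] 205.179.125.70:3094 -> 10.0.2.12:80
In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to
[TCP] 205.179.125.70:3094 -> 10.0.2.12:80
In [TCP] [TCP] 205.179.125.70:3095 -> 205.179.125.67:80 aliased to
[TCP] 205.179.125.70:3095 -> 171.64.13.135:80
Out [TCP] [TCP] 205.179.125.70:3095 -> 171.64.13.135:80 aliased to
[TCP] 205.179.125.67:3095 -> 171.64.13.135:80
"""

# direction, protocol, original src -> dst, then rewritten src -> dst
ENTRY = re.compile(
    r"\b(In|Out)\s+\[(\w+)\]\s+\[\w+\]\s+(\S+)\s+->\s+(\S+)\s+aliased to\s+"
    r"\[\w+\]\s+(\S+)\s+->\s+(\S+)"
)

def parse(log):
    """Return one dict per logged translation."""
    keys = ("dir", "proto", "src", "dst", "new_src", "new_dst")
    return [dict(zip(keys, m.groups())) for m in ENTRY.finditer(log)]

def summarize(log):
    """Per redirect target: inbound rewrites seen, and 'Out' entries touching it."""
    entries = parse(log)
    counts = {}
    for e in entries:
        # An inbound entry whose destination changed is a redirect_port hit.
        if e["dir"] == "In" and e["new_dst"] != e["dst"]:
            counts.setdefault(e["new_dst"], {"In": 0, "Out": 0})["In"] += 1
    for e in entries:
        if e["dir"] == "Out":
            for target in counts:
                if target in (e["src"], e["dst"]):
                    counts[target]["Out"] += 1
    return counts

def silent_targets(log):
    """Redirect targets for which natd never logged an outbound translation."""
    return sorted(t for t, c in summarize(log).items() if c["Out"] == 0)

if __name__ == "__main__":
    for target, c in summarize(SAMPLE_LOG).items():
        print(f"{target}: In={c['In']} Out={c['Out']}")
    print("no outbound translation logged for:", silent_targets(SAMPLE_LOG))
```

The script only reports what the log contains; it does not determine why no outbound entry was logged for a target.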
