Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Jun 2006 17:45:18 +0400
From:      "Vasili S." <svsm@mail.ru>
To:        "FBSD_UG" <freebsd@amadeus.demon.nl>
Cc:        questions@FreeBSD.org
Subject:   Re: Help redirect port 
Message-ID:  <000601c68eef$9debebd0$0901a8c0@neuro>
References:  <000601c68b0a$d030f100$1608a8c0@neuro> <40297E51-7924-4F6B-87C1-1FBBF000508A@amadeus.demon.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 

----- Original Message ----- 
From: "FBSD_UG" <freebsd@amadeus.demon.nl>
To: "Vasili S." <svsm@mail.ru>
Cc: <questions@FreeBSD.org>
Sent: Tuesday, June 13, 2006 3:49 AM
Subject: Re: Help redirect port


> On 08 jun 2006, at 16:49, Vasili S. wrote:
>
>> I try make  redirect port by natd
>> # natd -n ed1 -redirect_port tcp 192.168.1.100:80 8080
>> no work
>>
>> Not see traffic by tcpdump,
>> Not see listen port (netstat or sockstat)
>>
>> why ?
>>
>> interfaces
>> ~~~~~~~
>>
>> ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>>         inet A.B.C.D netmask 0xffffffc0 broadcast A.B.C.
>>         ether 00:02:44:08:74:7a
>> de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>>         inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
>>         ether 00:40:05:30:9f:ed
>>         media: autoselect (100baseTX <full-duplex>) status: active
>>         supported media: autoselect 100baseTX <full-duplex>  100baseTX 
>> 10baseT/UT
>>
>>
>> kernel:
>> ~~~~~
>>
>> options         IPFIREWALL
>> options         IPDIVERT
>> options         IPFIREWALL_DEFAULT_TO_ACCEPT
>> options         IPFIREWALL_VERBOSE
>>
>> ipfw ="OPEN"
>>
>>
>> Thanks,
>> Vasili
>
> Hey Vasili
>
> what are your firewall rules?
> you should divert traffic to have nat do any work...
>
> Arno
>
Hi Arno

I do not understand how make divert traffic for nat
In rc.firewall exist config line:

                if [ -n "${natd_interface}" ]; then
                      ${fwcmd} add 50 divert natd all from any to any via 
${natd_interface}


Summary config:

ipfw ="OPEN"
natd_interface='ed1'

rc.firewall:

                if [ -n "${natd_interface}" ]; then
                      ${fwcmd} add 50 divert natd all from any to any via 
${natd_interface}

#ipfw show

00050 733 74509 divert 8668 ip from any to any via ed1
00100   0     0 allow ip from any to any via lo0
00200   0     0 deny ip from any to 127.0.0.0/8
00300   0     0 deny ip from 127.0.0.0/8 to any
65000 954 92225 allow ip from any to any
65535   2   168 allow ip from any to any

#ps

232  ??  Rs     0:00.27 /sbin/natd -redirect_port tcp 192.168.1.100:80 
8080 -n ed1


but no work :((

Vasili.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000601c68eef$9debebd0$0901a8c0>