From owner-freebsd-questions@FreeBSD.ORG Tue Jun 13 13:45:23 2006 Return-Path: X-Original-To: questions@FreeBSD.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8991416A41A for ; Tue, 13 Jun 2006 13:45:23 +0000 (UTC) (envelope-from svsm@mail.ru) Received: from mx7.mail.ru (mx7.mail.ru [194.67.23.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id E265143D46 for ; Tue, 13 Jun 2006 13:45:22 +0000 (GMT) (envelope-from svsm@mail.ru) Received: from [213.131.2.16] (port=17169 helo=neuro) by mx7.mail.ru with smtp id 1Fq9Co-000PuB-00; Tue, 13 Jun 2006 17:45:21 +0400 Message-ID: <000601c68eef$9debebd0$0901a8c0@neuro> From: "Vasili S." To: "FBSD_UG" References: <000601c68b0a$d030f100$1608a8c0@neuro> <40297E51-7924-4F6B-87C1-1FBBF000508A@amadeus.demon.nl> Date: Tue, 13 Jun 2006 17:45:18 +0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 Cc: questions@FreeBSD.org Subject: Re: Help redirect port X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Vasili S." List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jun 2006 13:45:23 -0000 ----- Original Message ----- From: "FBSD_UG" To: "Vasili S." Cc: Sent: Tuesday, June 13, 2006 3:49 AM Subject: Re: Help redirect port > On 08 jun 2006, at 16:49, Vasili S. wrote: > >> I try make redirect port by natd >> # natd -n ed1 -redirect_port tcp 192.168.1.100:80 8080 >> no work >> >> Not see traffic by tcpdump, >> Not see listen port (netstat or sockstat) >> >> why ? >> >> interfaces >> ~~~~~~~ >> >> ed1: flags=8843 mtu 1500 >> inet A.B.C.D netmask 0xffffffc0 broadcast A.B.C. >> ether 00:02:44:08:74:7a >> de0: flags=8843 mtu 1500 >> inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 >> ether 00:40:05:30:9f:ed >> media: autoselect (100baseTX ) status: active >> supported media: autoselect 100baseTX 100baseTX >> 10baseT/UT >> >> >> kernel: >> ~~~~~ >> >> options IPFIREWALL >> options IPDIVERT >> options IPFIREWALL_DEFAULT_TO_ACCEPT >> options IPFIREWALL_VERBOSE >> >> ipfw ="OPEN" >> >> >> Thanks, >> Vasili > > Hey Vasili > > what are your firewall rules? > you should divert traffic to have nat do any work... > > Arno > Hi Arno I do not understand how make divert traffic for nat In rc.firewall exist config line: if [ -n "${natd_interface}" ]; then ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} Summary config: ipfw ="OPEN" natd_interface='ed1' rc.firewall: if [ -n "${natd_interface}" ]; then ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} #ipfw show 00050 733 74509 divert 8668 ip from any to any via ed1 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 954 92225 allow ip from any to any 65535 2 168 allow ip from any to any #ps 232 ?? Rs 0:00.27 /sbin/natd -redirect_port tcp 192.168.1.100:80 8080 -n ed1 but no work :(( Vasili.