Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Apr 2000 12:07:12 +1000
From:      Imran Ahmad <imran.ahmad@bby.com.au>
To:        freebsd-questions@FreeBSD.ORG
Subject:   natd help
Message-ID:  <4.2.2.20000426114322.00acbb10@kid>

next in thread | raw e-mail | index | archive | help
Hi;
I am running FreeBSD 3.2 release and using it as a firewall. I am running 
"ipfw" kit. It's working fine and now I want to enable "nat" services on my 
firewall.
I have added the following rules to my firewall config file.

1. if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
         $fwcmd 50 add divert natd all from any to any via ${natd_interface}
         natd_enable=
         fi
2. On internal interface, I have added the following line, for each 
possible subnet
$fwcmd add 10100 deny all from any to private network:255.255.0.0 
${natd_enabled:+out} via ${oif}
( oif is my external interface)

I am running "nat" from "rc.local" script with the following lines in it.

/sbin/natd -f /etc/natd.conf

And my /etc/natd.conf file looks like this;
---------------------------------------------------------------------------- 
----------------------------
log_denied              yes
log_facility            local
# translate outgoing packets only if they have RFC1918 addresses
#This is the line, If I want to send my Unregistered addresses to the world
unregistered_only       yes
interface       fxp0
redirect_port   tcp Private Address:443 Public Address:443
---------------------------------------------------------------------------- 
--------------------------------
And I have defined a DNS entry pointing to my external server.
I am running "https" server on my internal server, and want to divert each 
request for "443" to my internal server.
"Natd" is running, but It's not diverting the request for port "443" to my 
internal server. Can any body please help me out.

Thanks;


______________________________________________________________
Imran Ahmad	     imran.ahmad@bby.com.au
Infrastructure System Manager
Phone:+61 2 92260000 Direct:+61 2 9226 0059		
Mobile:+61 412 560059 Fax: +61 2  9226 0066
______________________________________________________________
This electronic mail may contain general securities advice or
personal securities recommendations which,  while believed to
be accurate  at the time of publication, are  not appropriate
for all persons or accounts.  Persons or entities considering
any  advice  or  recommendations  should  contact  a  Burdett
Buckeridge  Young   adviser  with  any  additional  questions
regarding  whether  or  not  the  recommendations  given  are
suitable to the  person~Rs  investment  objectives,  financial
situation and  particular needs.  From time to time, BBY, its
officers,  directors,  associates  and  the  writer  of  this
report  may  hold  a  position  in  the  securities  covered.
Burdett Buckeridge Young does  not  accept  liability  (other
than statutory liability)  for any errors or omissions or for
loss or damage incurred as a  result  of a person  or  entity
acting  in reliance  on  this  document  or any  attachments.
_____________________________________________________________



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000426114322.00acbb10>