From owner-freebsd-questions Tue Jan 8 0:55:51 2002 Delivered-To: freebsd-questions@freebsd.org Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50]) by hub.freebsd.org (Postfix) with ESMTP id DF16A37B419 for ; Tue, 8 Jan 2002 00:55:48 -0800 (PST) Received: from user-2ivfoir.dialup.mindspring.com ([165.247.226.91] helo=gohan.cjclark.org) by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16Ns2q-0002Z3-00; Tue, 08 Jan 2002 00:55:46 -0800 Received: (from cjc@localhost) by gohan.cjclark.org (8.11.6/8.11.1) id g088tQc02721; Tue, 8 Jan 2002 00:55:26 -0800 (PST) (envelope-from cjc) Date: Tue, 8 Jan 2002 00:55:25 -0800 From: "Crist J. Clark" To: Joseph Bogner Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW/NATD redirect_port problem Message-ID: <20020108005525.I286@gohan.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20020104203714.GA28669@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020104203714.GA28669@mindspring.com>; from bognerj@mindspring.com on Fri, Jan 04, 2002 at 03:37:14PM -0500 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Jan 04, 2002 at 03:37:14PM -0500, Joseph Bogner wrote: > Hello, I have a problem with natd and ipfw. I am trying to redirect > traffic from my freebsd gateway, 192.168.0.25 to my internal web > server, 192.168.0.1. The freebsd gateway is connected through pppoe to > earthlink on /dev/tun0. This all looks good. > [root@dmzsilo ratm]# tcpdump port http > Kernel filter, protocol ALL, TURBO mode (575 frames), datagram packet > socket > tcpdump: listening on all devices > 11:07:24.731111 ppp0 > user-2injgpx.dialup.mindspring.com.1891 > > user-2injgkx.dsl.mindspring.com.http: S 1879014911:1879014911(0) win > 5808 (DF) > 11:07:24.841111 eth0 < user-2injgpx.dialup.mindspring.com.1891 > > 192.168.0.1.http: S 1879014911:1879014911(0) win 5808 1412,sackOK,timestamp 26006972 0,nop,wscale 0> (DF) > 11:07:27.731111 ppp0 > user-2injgpx.dialup.mindspring.com.1891 > > user-2injgkx.dsl.mindspring.com.http: S 1879014911:1879014911(0) win > 5808 (DF) > 11:07:27.871111 eth0 < user-2injgpx.dialup.mindspring.com.1891 > > 192.168.0.1.http: S 1879014911:1879014911(0) win 5808 1412,sackOK,timestamp 26007272 0,nop,wscale 0> (DF) The web server on 192.168.0.1 is actually working, right? On user-2injgkx.dsl.mindspring.com you can, $ telnet 192.168.0.1 80 And talk to the webserver, right? -- "It's always funny until someone gets hurt. Then it's hilarious." Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message