Date: Wed, 29 Aug 2001 05:40:08 From: "Joel Rosenberg" <thisisjoel@hotmail.com> To: nick@rogness.net, freebsd-questions@freebsd.org Subject: Re: Forwarding packets from the internal network Message-ID: <F146mdMJOtd3rOE9TuH0001501b@hotmail.com>
next in thread | raw e-mail | index | archive | help
>You can try the -same_ports option to natd. Yeah, I already tried that, to no avail. >I believe what he is saying is that 192.168.1.21 is responding to >port 80 requests with a src_port of 80 and not 81 which would not >work. So if I understand correctly: > > 1) natd gets packet from outside world: > > SOURCE DESTINATION > remote_IP:16675 --> your_nat_outside_IP:81 > > 2) natd changes packet to: > > SOURCE DESTINATION > remote_IP:16675 --> 192.168.1.21:80 > > 3) Packet gets sent to 192.168.1.21 port 80 > > 4) 192.168.1.21 responds sending packet back to natd > machine. > > 5) natd changes packet to: > > SOURCE DESTINATION > your_nat_outside_IP:80 --> remote_IP:16675 > > 6) packet gets sent out into the world. > > > Step #5 you want it to be: > > your_nat_outside_IP:81 --> remote_IP:16675 > > Is this the problem you were describing? Bingo. 192.168.1.20 and 192.168.1.21 aren't webservers, they're appliances that have a limited number of customizable options, so it looks like I can't have 192.168.1.21 operate on port 80, so the only option I see is to have natd or some other method retranslate traffic from 192.168.1.21:80 as coming from 192.168.1.21:81, so that when the machine on the internet responds, it doesn't respond on port 80, thereby getting translated to 192.168.1.20. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F146mdMJOtd3rOE9TuH0001501b>