Date: Sat, 27 Dec 2008 17:30:23 -0800 From: "Richard Yang" <kusanagiyang@gmail.com> To: usleepless@gmail.com Cc: questions@freebsd.org Subject: Re: nat and ipfw, port forwarding Message-ID: <abd417bf0812271730n47c7a495udce5b83999018ece@mail.gmail.com> In-Reply-To: <c39ec84c0812270840r2d66c423p7c9929e2705322e8@mail.gmail.com> References: <abd417bf0812261227s52c0e950o2821ade2951abc5c@mail.gmail.com> <c39ec84c0812270840r2d66c423p7c9929e2705322e8@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
thank you, usleep (nice name)i somehow made it work by 1. add "redirect_port udp 10.0.0.200:50000 50000" in natd.conf 2. allow all traffic and diversion in ipfw.rules i tried to limit the traffic by modifying the rules in ipfw.rules, but unsuccessfully. so i just leave it be at this moment. i am very confused by the roles of natd and ipfw, and how they should work together. rich On Sat, Dec 27, 2008 at 8:40 AM, <usleepless@gmail.com> wrote: > Hi Ricard, > > On Fri, Dec 26, 2008 at 9:27 PM, Richard Yang <kusanagiyang@gmail.com>wrote: > >> hi, >> i have a ssh machine behind a freebsd firewall with nat and ipfw. >> how do i make port forwarding so internet can access the ssh machine? >> thanx >> > > i think you need to configure /etc/ipnat.conf ( read 'man ipnat' ). this is > a example definition: > rdr em1 0.0.0.0/0 port 2223 -> 192.168.1.96 port 22 > > ( this redirects incoming traffic on outside-interface em1 port 2223 to an > internal machine on port 22 ) > > also, include "firewall_nat_enable" in your rc.conf ( read 'man rc.conf' ) > > to configure the settings from ipnat.conf, run "ipnat -C -f > /etc/ipnat.conf" > > regards, > > usleep > >> >> >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?abd417bf0812271730n47c7a495udce5b83999018ece>