Date: Wed, 5 Jun 2002 16:46:41 -0700
From: "Adam Lofstedt" <adaml@visimation.com>
To: <freebsd-questions@FreeBSD.ORG>
Subject: IPNAT redirect multiple IPs on external NIC
Message-ID: <00b201c20ceb$3ee3ce80$6401a8c0@adam>

Hey,

I am using FBSD as a firewall/NAT router with IP Filter and IP NAT. This machine is multi-homed, with external/internal interfaces. On the internal network, there is one machine that is both web server and email server. I am using port forwarding and redirection to redirect traffic on the external interface to ports 80, 143, 25, and 110 of the web/email machine.

Problem: I want to run two different email and web servers on the web/email machine that share the same ports. So, I thought I would add another IP to the external interface of the BSD box, and redirect traffic on that IP to a second IP address that I have given to the web/email server (I have already told the web/email programs to only listen on their respective IP addresses).

So, External IP #1 should forward to Internal IP#1, and External IP #2 should forward to Internal IP#2. However, when I telnet to port 25 of IP #2, the mail server that is listening on internal IP#1 responds. Obviously it is not working.

Here is my IPNAT.RULES:
_______________________________________
# dev inside ip local inet ip
map dc0 10.0.0.0/24 -> ExternalIP#1Here/32 portmap tcp/udp 1:65000
map dc0 10.0.0.0/24 -> ExternalIP#1Here/32

#redirect Internet Services to Web/Email Server
rdr dc0 ExternalIP#1Here/32 port 80 -> 10.0.0.4 port 80
rdr dc0 ExternalIP#1Here/32 port 110 -> 10.0.0.4 port 110
rdr dc0 ExternalIP#1Here/32 port 25 -> 10.0.0.4 port 25
rdr dc0 ExternalIP#1Here/32 port 143 -> 10.0.0.4 port 143

#redirect Lyris email traffic to port 25 of IP#2 on Web/Email server
rdr dc0 ExternalIP#2Here/32 port 25 -> 10.0.0.5 port 25

#redirect Lyris webserver traffic to port 80 of 10.0.0.5
rdr dc0 ExternalIP#2Here/32 port 80 -> 10.0.0.5
_____________________________________

Here is my rc.conf with device aliases:

network_interfaces="dc0 rl0 lo0 tun0"
ifconfig_dc0="inet ExternalIP#2Here netmask 255.255.255.240"
ifconfig_dc0="inet ExternalIP#1Here netmask 255.255.255.240 alias"
________________________

I suspect I need to map the inside IP#2 (10.0.0.5) to the External IP#2, but when I add the following to IPNAT.RULES, all traffic is stopped on the interfaces:

map dc0 10.0.0.0/24 -> ExternalIP#2Here/32 portmap tcp/udp 1:65000
map dc0 10.0.0.0/24 -> ExternalIP#2Here/32

I guess you can't map two IPs to the same local network???

Can anyone provide suggestions?

Adam Lofstedt

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
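
Added example, not part of the original message: the rc.conf quoted above assigns ifconfig_dc0 twice, and because rc.conf is read as sh variable assignments, a later assignment to a name replaces the earlier one. The script below reports such repeated assignments; the function names are made up for this example and the sample input is the poster's three rc.conf lines with the address placeholders kept as written.

```shell
#!/bin/sh
# Report rc.conf variables that are assigned more than once.
# rc.conf is sourced as sh variable assignments, so only the last
# assignment to a given name is still in effect afterwards.

# Constructed sample: the rc.conf lines quoted in the message, with the
# poster's placeholders (ExternalIP#1Here, ExternalIP#2Here) unchanged.
sample_rc_conf() {
cat <<'EOF'
network_interfaces="dc0 rl0 lo0 tun0"
ifconfig_dc0="inet ExternalIP#2Here netmask 255.255.255.240"
ifconfig_dc0="inet ExternalIP#1Here netmask 255.255.255.240 alias"
EOF
}

# find_duplicate_vars (hypothetical helper): reads rc.conf text on stdin
# and prints one line per variable that is assigned more than once,
# giving the number of assignments and the value that survives.
find_duplicate_vars() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        match($0, /^[ \t]*[A-Za-z_][A-Za-z0-9_]*=/) {
            name = substr($0, RSTART, RLENGTH - 1)
            gsub(/[ \t]/, "", name)              # drop leading blanks
            value = substr($0, RSTART + RLENGTH)
            if (!(name in count)) order[++n] = name
            count[name]++
            last[name] = value                   # later assignment wins
        }
        END {
            for (i = 1; i <= n; i++)
                if (count[order[i]] > 1)
                    printf "%s assigned %d times; effective value: %s\n",
                        order[i], count[order[i]], last[order[i]]
        }
    '
}

# Run the check on the sample when the script is executed directly.
sample_rc_conf | find_duplicate_vars
```

FreeBSD's rc.conf names additional addresses on an interface with their own variables (ifconfig_<interface>_alias0, _alias1, ...), which keeps each address in a separate assignment.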