Date: Sat, 30 Oct 2004 17:25:57 -0700 (PDT)
From: Zhelyazko Georgiev <jeliazkoge@yahoo.com>
To: freebsd-questions@freebsd.org
Subject: ipnat question:
Message-ID: <20041031002557.34298.qmail@web41712.mail.yahoo.com>

Hello,

I'm connected to the internet through a LAN, and I have a router running FreeBSD 5.2. I have several Windows boxes in my internal network. I want to be able to access the remote desktop from outside on one of the Windows boxes. For that reason I'm using IPfirewall and ipnat. Attached are my rc.conf, ipf.rules and ipnat.rules. The router is working fine except I cannot get it to forward ports, like I did on my Linux box. The IPs of my internal network are 192.168.1.0/24, the external IP is 84.21.192.150.

Please tell me what I'm doing wrong. Thank you very much in advance.

Zhelyazko.

ipf.rules.txt:

block in all
block out all
pass in quick on lo0
pass out quick on lo0
pass in quick on rl1 from 192.168.1.0/24 to any
pass out quick on rl1 from any to 192.168.1.0/24
pass out on rl0 proto tcp from any to any flags S keep state keep frags
pass out on rl0 proto udp from any to any keep state
pass out on rl0 proto icmp from any to any icmp-type 8 keep state
pass out on rl0 proto gre from any to any keep state
#
#Allow SSH access
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 22 keep state
#
#Allow ping requests
pass in on rl0 proto icmp from any to 84.21.192.150 keep state
#
#Allow connection on port 3389 for internal Windows RTD
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 3389 keep state

ipnat.rules.txt:

ipnat.rules :
map rl0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
map rl0 192.168.1.0/24 -> 0/32
rdr rl0 0.0.0.0/32 port 3389 -> 192.168.1.2 port 3389 tcp/udp

rc.conf.txt:

defaultrouter="84.21.192.1"
gateway_enable="YES"
hostname="ironhost.server.com"
#ipsec_enable="YES"
#enable_firewall="YES"
#firewall_type="OPEN"
#firewall_quiet="YES"
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
ipnat_enable="YES"
#natd_enable="YES"
#natd_interface="rl0"
#natd_flags="-f /etc/natd.rules"
sendmail_enable="NONE"
fsck_y_enable="YES"
syslogd_enable="NO"
#inetd_enable="YES"
ifconfig_rl0="inet 84.21.192.150 netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.1.1 netmask 255.255.0.0"
linux_enable="YES"
moused_enable="YES"
sshd_enable="YES"
usbd_enable="NO"
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# Enable network daemons for user convenience.
# Created: Fri Feb 4 09:25:44 2000
# -- sysinstall generated deltas -- # Fri Feb 4 09:25:44 2000
ifconfig_rl0="inet 84.21.192.150 netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.1.1 netmask 255.255.0.0"
defaultrouter="84.21.192.1"
hostname="ironhost.server.com"