From owner-freebsd-questions Thu Jun 15 12:31:34 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mail2.wmptl.com (mail2.wmptl.com [216.221.73.131])
    by hub.freebsd.org (Postfix) with ESMTP id 86AB337BE9D
    for ; Thu, 15 Jun 2000 12:31:29 -0700 (PDT)
    (envelope-from engineer@mnsi.net)
Received: from mnsi.net ([10.0.0.168])
    by mail2.wmptl.com (8.9.3/8.9.3) with ESMTP id PAA85148
    for ; Thu, 15 Jun 2000 15:44:34 -0400 (EDT)
    (envelope-from engineer@mnsi.net)
Message-ID: <39492EDD.AEBD3435@mnsi.net>
Date: Thu, 15 Jun 2000 15:30:37 -0400
From: Joseph Vidican
X-Mailer: Mozilla 4.72 [en] (Win95; I)
X-Accept-Language: en
MIME-Version: 1.0
To: questions@freebsd.org
Subject: natd and natd
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm currently running natd on a box acting as a gateway for a private
LAN to access the internet. I would like to source some of its ports on
its internet IP to some of the machines inside our network. Something
similar to the following:

Box 1:
    - FreeBSD 3.4/IPFW+natd Gateway (working)
    - internet IP 206.48.122.2
    - private IP 192.168.2.254 (255.255.255.0)

I want people on the internet to be able to connect to 206.48.122.2:80,
and actually get 192.168.2.168:80. Similarly, I'd like to alias
206.48.122.2:21 to 192.168.2.123:21, and 206.48.122.2:12000 to
192.168.2.168:12000.

Is this possible? Can I have natd performing both functions on the same
machine?

Here is how I have natd running currently:

    /sbin/natd -m -f /etc/natd.conf -n ed1

natd.conf:

    use_sockets no
    port 7268 # ipfirewall directs to this port instead of standard natd port
    interface ed1
    (EOF)

I tried adding this to /etc/natd.conf, and restarting natd, but it
doesn't work:

    redirect_port tcp 192.168.2.168:80 206.48.122.2:80
    redirect_port tcp 192.168.2.168:12000 206.48.122.2:12000

If I cannot perform this kind of function from the same box that natd
runs on as a gateway, could this be done from a second box with a static
IP address to the internet (our webserver/ftp/email box)? I understand I
couldn't alias 21 or 80 if I used this second machine, but I could at
least do port 12000, no?

-- 
Nathan Vidican
webmaster@wmptl.com
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/