From: "Crist J. Clark"
Date: Fri, 16 Jun 2000 00:39:49 -0700
To: Joseph Vidican
Cc: questions@FreeBSD.ORG
Subject: Re: natd and natd
Message-ID: <20000616003949.D287@dialin-client.earthlink.net>
Reply-To: cjclark@alum.mit.edu
References: <39492EDD.AEBD3435@mnsi.net>
In-Reply-To: <39492EDD.AEBD3435@mnsi.net>; from engineer@mnsi.net on Thu, Jun 15, 2000 at 03:30:37PM -0400

On Thu, Jun 15, 2000 at 03:30:37PM -0400, Joseph Vidican wrote:
> I'm currently running natd on a box acting as a gateway for a private
> LAN to access the internet. I would like to source some of its ports on
> its internet IP to some of the machines inside our network. Something
> similar to the following:
>
> Box 1:
> -FreeBSD 3.4/IPFW+natd Gateway (working)
> -internet IP 206.48.122.2
> -private IP 192.168.2.254 (255.255.255.0)
>
> I want people on the internet to be able to connect to 206.48.122.2:80,
> and actually get 192.168.2.168:80. Similarly, I'd like to alias
> 206.48.122.2:21 to 192.168.2.123:21, and 206.48.122.2:12000 to
> 192.168.2.168:12000.
>
> Is this possible? Can I have natd performing both functions on the same
> machine? Here is how I have natd running currently:
>
> /sbin/natd -m -f /etc/natd.conf -n ed1
>
> natd.conf:
>
> use_sockets no
> port 7268 # ipfirewall directs to this port instead of standard natd port
> interface ed1
>
> (EOF)
>
> I tried adding this to /etc/natd.conf, and restarting natd, but it
> doesn't work:
>
> redirect_port tcp 192.168.2.168:80 206.48.122.2:80
> redirect_port tcp 192.168.2.168:12000 206.48.122.2:12000
>
> If I cannot perform this kind of function from the same box that natd
> runs on as a gateway; could this be done from a second box with a static
> IP address to the internet? (our webserver/ftp/email box) ? I understand
> I couldn't alias 21 or 80 if I used this second machine, but I could at
> least do port 12000 no?

Those lines you added should work. Do you have firewall rules that may
be interfering with this?
--
Crist J. Clark cjclark@alum.mit.edu
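
The reply's question about interfering firewall rules can be checked mechanically. The following is an added example, not part of the original thread: it parses the quoted natd.conf lines and a constructed `ipfw list` output, then reports the first rule that would decide a redirected packet before it reaches the divert rule, or deny it after translation. The sample ruleset, the function names and the simplified rule matching (source `any` only, interface and direction ignored) are assumptions.

```python
import re
# Constructed samples: natd.conf lines quoted in the thread, plus an invented
# `ipfw list` output (the thread never shows the poster's firewall rules).
NATD_CONF = """\
port 7268   # ipfirewall directs to this port instead of standard natd port
redirect_port tcp 192.168.2.168:80 206.48.122.2:80
redirect_port tcp 192.168.2.168:12000 206.48.122.2:12000
"""
IPFW_LIST = """\
00100 deny tcp from any to any 80 in via ed1
00200 divert 7268 ip from any to any via ed1
00300 allow ip from any to any
"""
RULE = re.compile(r"(\d+)\s+(\w+)(?:\s+(\d+))?\s+(\w+)\s+from\s+(\S+)\s+to\s+(\S+)(?:\s+(\d[\d,-]*))?")

def parse_natd(text):
    """Return (divert_port, [(proto, target_ip, target_port, alias_ip, alias_port)])."""
    port, redirects = 8668, []  # 8668 is natd's default divert port
    for f in (line.split("#")[0].split() for line in text.splitlines()):
        if f[:1] == ["port"]:
            port = int(f[1])
        elif f[:1] == ["redirect_port"]:
            (tip, _, tport), (aip, _, aport) = f[2].partition(":"), f[3].rpartition(":")
            redirects.append((f[1], tip, int(tport), aip or "any", int(aport)))
    return port, redirects

def hits(rule, proto, ip, port):  # simplified: source must be 'any'; interface/direction ignored
    _, _, _, rproto, src, dst, spec = rule
    ranges = [p.partition("-") for p in spec.split(",")] if spec else [("0", "-", "65535")]
    in_spec = any(int(lo) <= port <= int(hi or lo) for lo, _, hi in ranges)
    return rproto in (proto, "ip", "all") and src == "any" and dst in ("any", ip) and in_spec

def audit(natd_conf, ipfw_list):
    """Return (alias_port, rule_number, action, where) for rules that stop a redirect."""
    divert_port, redirects = parse_natd(natd_conf)
    rules = [(int(m[1]), m[2], m[3] and int(m[3]), *m.groups()[3:])
             for m in map(RULE.match, ipfw_list.splitlines()) if m]
    dnum = next((r[0] for r in rules if r[1] == "divert" and r[2] == divert_port), None)
    if dnum is None:
        return [(None, None, "missing", f"no divert rule for natd port {divert_port}")]
    findings = []
    for proto, tip, tport, aip, aport in redirects:
        for r in (r for r in rules if r[1] in ("allow", "deny")):
            before = r[0] < dnum  # before divert the packet still carries the public address
            if hits(r, proto, *((aip, aport) if before else (tip, tport))):
                if before or r[1] == "deny":
                    findings.append((aport, r[0], r[1], "before divert" if before else "after natd"))
                break  # ipfw is first-match: this rule decided the packet
    return findings
```

An `allow` ahead of the divert rule is reported as well, because the packet is then accepted with its public destination and never handed to natd for translation.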