Date: 21 Oct 2005 08:54:02 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: "Efren Bravo" <efrenba@dhl.co.cu> Cc: freeBSD <questions@freebsd.org> Subject: Re: natd redirect help Message-ID: <441x2f3uad.fsf@be-well.ilk.org> In-Reply-To: <WorldClient-F200510201419.AA19550042@dhl.co.cu> References: <WorldClient-F200510201419.AA19550042@dhl.co.cu>
next in thread | previous in thread | raw e-mail | index | archive | help
"Efren Bravo" <efrenba@dhl.co.cu> writes: > Hi, > > I've a freebsd5.4 with ipfw and natd. I need that external users can enter > to my internal network services (http, ftp, etc). > > freebsd box: > out interface: 200.x.x.x > in interface: 10.x.x.x > > /etc/rc.conf file: > ------------------ > gateway_enable="YES" > > firewall_enable="YES" > firewall_script="/etc/ipfw.rules" > firewall_logging="YES" > > natd_enable="YES" > natd_interface="vr0" > natd_flags="-f /etc/natd.conf" > > /etc/natd.conf file: > -------------------- > redirect_port tcp 10.x.x.x:8080 80 #redirec to internal web server > > > The question is if I've to open the port 80 on freeBSD's vr0 because I not > able to enter to those services. The packet will be checked again after it's been through natd, so you need an accept rule for it somewhere. But at that point, I guess it should be destined for port 8080 rather than 80.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441x2f3uad.fsf>