From owner-freebsd-questions@FreeBSD.ORG Wed Apr 9 22:51:48 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B458737B401 for ; Wed, 9 Apr 2003 22:51:48 -0700 (PDT) Received: from citizensbankng.com (host-12-018.a.nigol.net.ng [217.117.12.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id CE9CC43F93 for ; Wed, 9 Apr 2003 22:51:39 -0700 (PDT) (envelope-from freebsd@citizensbankng.com) Received: from abdul ([128.1.100.234]) by citizensbankng.com (8.9.2/3.7W) with SMTP id GAA10300; Thu, 10 Apr 2003 06:52:32 +0100 (WAT) Message-ID: <00a701c2ff25$21b04c30$ea640180@abdul> From: "abdul" To: "Joshua Lokken" References: <003301c2feb5$af1a7e80$ea640180@abdul> <20030409211853.GB21946@joloxbox.joshualokken.com> Date: Thu, 10 Apr 2003 06:50:43 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 cc: freebsd-questions@freebsd.org Subject: Re: -redirect_port problem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2003 05:51:49 -0000 Hi Joshua. Thanks for your response. "-redirect_port tcp 128.1.100.139:8080" is what is not working. The site "128.1.100.139" is not accessible from outside, even if the redirect seems to be working after refresh of natd (rebooting) when I use a ps command to see what processes are running. Thanks Abdul ----- Original Message ----- From: "Joshua Lokken" To: "abdul" Cc: Sent: Wednesday, April 09, 2003 10:18 PM Subject: Re: -redirect_port problem > * abdul (freebsd@citizensbankng.com) wrote: > ==> I use a FreeBSD box (version 4.7) as my Internet Proxy machine. I presently > ==> use the natd daemon to redirect all HTTP > ==> > ==> traffic to our web server and POP/SMTP to our mail server. This works well. > ==> A portion of my rc.conf file is: > ==> > ==> natd_program="/sbin/natd" # path to natd, if you want a different one. > ==> natd_enable="YES" # Enable natd (if firewall_enable == YES). > ==> natd_interface="tl0" # Public interface or IPaddress to use. > ==> natd_flags=" -redirect_port tcp 128.1.100.139:80 > ==> 207.241.164.30:80 -redirect_port tcp 128.1.100.6:25 25 -redirect_port > ==> > ==> tcp 128.1.100.6:110 110 -redirect_port tc > ==> p 128.1.100.7:80 80 " > ==> > ==> My Problem > ==> > ==> In addition to what I have above, I want to redirect all HTTP traffic from a > ==> particular external server (a public IP) to port > ==> > ==> 8080 of a local machine for our mobile banking software. So I modified my > ==> rc.conf as follows: > ==> > ==> natd_flags=" -redirect_port tcp 128.1.100.139:8080 > ==> 241.164.30:80 -redirect_port tcp 128.1.100.6:25 25 > ==> > ==> -redirect_port tcp 128.1.100.6:110 110 -redirect_port tcp 128.1.100.7:80 80 > ==> " # > ==> I have confirmed that can locally browse to the HTTP based software running > ==> on the local machine in question > > What haven't you confirmed? There isn't a question here; what isn't working? > Can you not access the site from the internet? > > Also, it's not necessary, but I found it easier to keep track of and change > nat rules by creating /etc/natd.conf, putting my rules in that file, and calling > that from rc.conf : > > natd_flags="/etc/natd.conf" > > -- > Joshua > >