From owner-freebsd-questions Sat Nov 30 4:48: 8 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A91237B401 for ; Sat, 30 Nov 2002 04:48:07 -0800 (PST) Received: from mail.phillipoux.net (bob.net1.nerim.net [62.212.96.168]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C28F43EDA for ; Sat, 30 Nov 2002 04:48:05 -0800 (PST) (envelope-from jonathan@phillipoux.net) Received: from bluesheeps ([192.168.1.6]) by mail.phillipoux.net (8.11.3/8.11.3) with SMTP id gAUCnVv09654 for ; Sat, 30 Nov 2002 13:49:31 +0100 (CET) (envelope-from jonathan@phillipoux.net) Message-ID: <004201c2986e$b40d4bf0$0601a8c0@bluesheeps> From: "Jonathan Clarke" To: "Freebsd-Questions@Freebsd. Org (E-mail)" References: <00a901c297e2$e85876f0$c800a8c0@p1000> Subject: Re: IPFW + NATD with redirect_port Date: Sat, 30 Nov 2002 13:47:55 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I want to redirect incoming ssh packet to another box internally. I have > got the following as my /etc/natd.conf > > dynamic yes > log_denied yes > use_sockets yes > same_ports yes > unregistered_only > redirect_port tcp 192.168.0.200:22 4455 > > When I try to ssh to port 4455 I get nothing - I have ipfw running - do I > need any specific rules to get this working. I have tried "${fwcmd} add > pass log tcp from any to any 22 in via ${oif} setup" but it doesn't seem to > work. Gordon, Your natd setup looks OK to me. I'm wondering whether your ipfw isn't blocking connection attempts. Do you have a rule that allows tcp connections to port 4455? And another to allow connections from NAT box to ssh box on port 22? And when you try to connect to port 4455 on your NAT box, you do it from the exterior, right? Hope this helps, Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message