From: "Knightstalker"
To: "Alan McKay"
Subject: Re: ipfw/pppoe/nat trouble
Date: Wed, 13 Mar 2002 18:19:12 -0500

I have an added bonus to webmin. I use it for users and only assign specific
functions to the user. Like changing a password. Works great for that. But I
usually config at the command. Tho I do view logs with it. All the logs I need
are in a list and easy to access without logging in with ssh.

----- Original Message -----
From: "Server Admin"
To: "Alan McKay" ;
Sent: Wednesday, March 13, 2002 12:03 PM
Subject: Re: ipfw/pppoe/nat trouble

> Alan: Gerry's method on an earlier reply is the way to do it. A config file
> running NATD.... more flexibility - lots of stuff can be placed in the
> config file for natd to look at....
>
> At 11:39 AM 3.13.2002 -0500, Alan McKay wrote:
> >
> >So should I give up on PPP's native NAT and switch to NATD?
> >Anyone know what could be up here?
> >
> >thanks,
> >-Alan
> >
> >
> >Folks,
> >
> >I'm using FreeBSD 4.5 RELEASE for my firewall, and using its native ppp
> >to manage my PPPoE connection. When doing this, one uses ppp's native
> >NAT, and not natd.
> >
> >I have a web cam running on port 80 of a private PC at home, and want to
> >forward that out to some obscure port on the firewall. Let's just say for
> >the sake of argument port 4711.
> >
> >My firewall (ipfw) rules include :
> >allow tcp from any to 4711 setup
> >
> >I have the same rule on port 80 for the apache server running on the
> >firewall, and it works. The above rule I have right beside my port 80
> >rule in the this. However, when I try to hit port 4711 from outside,
> >and do a "ipfw show", it drops right through that rule to about 5 rules
> >below where I deny all connections from outside (after allowing the few
> >that I want to allow).
> >
> >So I never get to try to see if my NAT rules are correct. In my
> >/etc/ppp/ppp.conf file I have (among other things) :
> >
> > nat enable yes
> > nat log yes
> > nat target MYADDR
> > nat port tcp :80 4711
> >
> >Any ideas why my firewall rule is not allowing the 4711 connection?
> >I'm stumped!
> >
> >Are there any good examples of using PPPoE's NAT in combo with ipfw
> >to port-forward to something on the private side?
> >
> >cheers,
> >-Alan
> >
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-questions" in the body of the message
> >
> >
> .... our website: http://www.sage-one.net/
>
> Best regards,
>
> Jack L. Stone
> Server Admin