From owner-freebsd-questions Thu Aug 10 22:45:29 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 184C037BF0C for ; Thu, 10 Aug 2000 22:45:27 -0700 (PDT) (envelope-from cjc@149.211.6.64.reflexcom.com) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Thu, 10 Aug 2000 22:44:23 -0700 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.9.3/8.9.3) id WAA20340; Thu, 10 Aug 2000 22:45:25 -0700 (PDT) (envelope-from cjc) Date: Thu, 10 Aug 2000 22:45:25 -0700 From: "Crist J . Clark" To: Kevin Weiss Cc: FreeBSD Questions Subject: Re: NATD and port redirections Message-ID: <20000810224525.H5405@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <965953690_PM_BeOS.kweiss@jump.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <965953690_PM_BeOS.kweiss@jump.net>; from kweiss@jump.net on Fri, Aug 11, 2000 at 12:28:10AM +0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Aug 11, 2000 at 12:28:10AM +0000, Kevin Weiss wrote: > My NATD doesn't seem to be redirecting smtp requests from my > firewall machine to my internal mail server. Can somebody tell me > if the following configuration is correct? > > I created /etc/rc.natd, and here's the output. > > #Initial Setup > use_socket yes > same_ports yes > unregistered_only yes > > #Port Redirection Rules > . . . (other redirects commented out for now) > redirect_port tcp 192.168.1.2:25 25 > . . .(other redirects commented out for now) > > > In my firewall rules (using a "simple" firewall), I have the following: > . . . > $fwcmd add 804 allow tcp from any 25 to ${oip} > $fwcmd add 804 allow tcp from ${oip} to any 25 > . . . Not enough info, the 'ipfw show,' input would be usefull, but I supsect this is your problem. If you based your ruleset on the distributed rc.firewall, the address has probably already been translated when it hits this rule and does not pass. -- Crist J. Clark cjclark@alum.mit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message