From owner-freebsd-security Thu Sep 16 8:37: 2 1999 Delivered-To: freebsd-security@freebsd.org Received: from mag.ik.nu (mail.olm.nl [194.151.118.79]) by hub.freebsd.org (Postfix) with ESMTP id 8963115699 for ; Thu, 16 Sep 1999 08:37:00 -0700 (PDT) (envelope-from ralphm@wat.moet.ik.nu) Received: (from ralphm@localhost) by mag.ik.nu (8.9.1/8.9.1) id RAA02357 for freebsd-security@freebsd.org; Thu, 16 Sep 1999 17:37:02 +0200 (CEST) Message-Id: <199909161537.RAA02357@mag.ik.nu> Subject: Re: mapping ports from outside to inside (with ipfw ?) In-Reply-To: from Pat Lynch at "Sep 16, 99 11:28:06 am" To: freebsd-security@freebsd.org From: bsdseq@mail.ik.nu Date: Thu, 16 Sep 1999 17:35:00 +0200 (CEST) X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ok, but I understood he was trying to redirect ports from specific (alias-) addresses to the inside. While this can be done with natd, I find it not so convienient to put all those redirects in /etc/rc.conf. (Yes, they can also be in a file, I know). The logging is quite nice too, though... Ralphm > I use natd, its no problem and relatively simple. > > make sure you have IP_DIVERT in the kernel (to go along with all the > firewall stuff. > > then: > > /sbin/natd -redirect_port tcp totem:113 113 -redirect_port tcp \ > different:80 80 -interface tun0 > /sbin/ipfw add divert 8668 ip from any to any via tun0 > > I'm redirecting the port 113 (ident) from the outside to my workstation > (for irc actually) and port 80 to my sparc for web serving. > > -Pat > > ... snip ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message