From owner-freebsd-isp  Tue Feb 23  7:19:55 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from aasis.albany-academy.org (aasis.albany-academy.org [205.181.13.80])
	by hub.freebsd.org (Postfix) with ESMTP id BB35B115C4
	for <freebsd-isp@freebsd.org>; Tue, 23 Feb 1999 07:19:53 -0800 (PST)
	(envelope-from webmastr@aasis.albany-academy.org)
Received: (from webmastr@localhost)
	by aasis.albany-academy.org (8.8.5/8.8.5) id KAA15836;
	Tue, 23 Feb 1999 10:14:31 -0500 (EST)
Date: Tue, 23 Feb 1999 10:14:31 -0500 (EST)
Message-Id: <199902231514.KAA15836@aasis.albany-academy.org>
Content-Disposition: inline
Content-Transfer-Encoding: binary
Content-Type: text/plain
MIME-Version: 1.0
X-Mailer: MIME::Lite 1.120 
Subject: natd question 
To: freebsd-isp@freebsd.org
From: "Abraham J. Stephens" <stephea@aasis.albany-academy.org>
Organization: The Albany Academy Student Information System
Comments: Please report any abuse of this service to abuse@aasis.albany-academy.org
X-Sender: MMime. v3.0 (c) 1998/1999 Abraham J. Stephens.
Cc: 
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

 I have a sun box sitting on a private network (10.0.0.0) I would like to 1)
be able to access the rest of the world from that box, and 2) be able to
access specific ports on that box from the rest of the world. (I need to run
a mail, pop3, and web server on the sun.)

If I have the following configuration on the freebsd box (running 2.2.5):
ed0: 205.181.13.180
ed1: 10.0.0.8

and ipfw:
300 divert 6668 ip from any to any via ed0
400 divert 6668 ip from any to any via ed1
500 allow ip from any to any

Then if I execute the command
natd -same_ports -use_sockets -interface ed0 -redirect_address 10.0.0.8
0.0.0.0

I am able to access the rest of the 205.181.13.0 network from the sun box
sitting on the 10.0.0.0 network.

Also if instead I execute:

natd -same_ports -use_sockets -interface ed1 -redirect_port tcp 10.0.0.6:80 \
205.181.13.180:80 

(the sun's ip address is 10.0.0.6) 
I am able to connect to the web server on the sun via 205.181.13.180:80.

I'd like to be able to do both at the same time. Is this possible? If so how
can I go about doing it- I've been taking shots in the dark up to this
point. I've attempted to run two copies of natd- using two firewall rules to
divert ed0 traffic to a natd on 6668 and ed1 traffic to a natd on 6669, but
this did not acomplish anything.

-Thanks for any help,


Abraham J. Stephens
MMime v.3 -- Email from anywhere!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message