From: Jason Hunt
Date: Fri, 24 Aug 2001 15:47:03 -0500
To: freebsd-questions@freebsd.org
Subject: redirection troubles..
Message-ID: <3B86BD47.E5724D5E@niicommunications.com>

greetings,

rc.conf:

natd_program="/sbin/natd"
natd_enable="YES"
natd_interface="xl0"
natd_flags="-f /etc/natd.conf"
firewall_enable="YES"
firewall_script="/etc/rc.firewall.current"
firewall_type="OPEN"
firewall_quiet="NO"

rc.firewall.current:

I am not sure if I can list anything here that will be of use, pretty much deny anything except for ports 22,25,80 and 443.

$fwcmd add divert natd all from any to any via $oif
$fwcmd add allow tcp from any to $oip 22,25,80,443 setup

There are more rules than this, but everything else is pretty much deny. 22 is the only port listening on firewall, but would like to redirect anything hitting 25,80, and 443 to a machine with no routable ip.

I have the following in /etc/natd.conf

dynamic yes
use_sockets yes
same_ports yes
redirect_port tcp 192.168.x.x:80 80
redirect_port tcp 192.168.x.x:25 25
redirect_port tcp 192.168.x.x4:443 443

I am not sure if I am missing some other rule here that would allow these ports to actually get redirected to the internal machine, so hopefully someone can help me out with this. I apologize for the lack of information on the rules, but I didn't want to fill the message with information that wasn't really relevant.

Thanks for any help.