Date: Sun, 24 Sep 2000 23:03:49 -0700 (PDT)
From: Steve Lewis <nepolon@systray.com>
To: kit <kit@hypostasis.com>
Cc: Kanji T Bates <bates@jurai.net>, freebsd-questions@FreeBSD.ORG
Subject: Re: internal to internal via natd extenal redirect_port
Message-ID: <Pine.BSF.4.05.10009242254190.10677-100000@greg.ad9.com>
In-Reply-To: <20000920202900.A23232@amethyst.hypostasis.com>

On Wed, 20 Sep 2000, kit wrote:

> On Wed, Sep 20, 2000 at 02:37:42AM -0400, Kanji T Bates wrote:
> > I'm having great difficulty trying to get any of my internal machines to
> > talk to services handled via a natd redirect_port even though boxes coming
> > at me from my external interface have no problems whatsoever.
> Presumably you are running a gateway/firewall with 10.10.10.254 (say)
> as the internal interface, and 192.168.0.1 as the external.
>
> One solution is to run natd on the internal interface
> as well and/or set the firewall rules to redirect traffic destined
> for the IP and port when it comes in via your internal interface

I need to do this for ONE IP in the LAN. Can someone help me break down
the pieces needed to get this option working? Separate named/namespaces
are both not acceptable options, and the only other option I can think of
is to place a hosts file on each workstation (not scalable).

Thus far I have the following:

1. run second natd running on unused port for internal interface of
   gateway with only a redirect to targeted machine
2. add ipfw rule following this logic: if TCP from internal interface,
   and to my targeted machine, divert to port of 2nd natd

Am I missing anything?

--Steve