Date: Thu, 28 Mar 2002 18:41:52 -0500 (EST)
From: jason <jason@monsterjam.org>
To: freebsd-questions@FreeBSD.ORG
Subject: natd wont redirect a port
Message-ID: <20020328183651.S2852-100000@monsterjam.org>
FreeBSD fans,
I'm running FreeBSD 4.5-RC
and ipfw for firewall and I'm trying to get a port redirect working through
my freebsd box.. from outside ip address of freebsd box, port 8888 to
inside ip address of 10.1.1.10 on port 80.
on my freebsd box, I have
monsterjam# ifconfig -a
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.1.1.3 netmask 0xffffff00 broadcast 10.1.1.255
        ether 00:20:18:72:4c:ee
ed2: flags=c843<UP,BROADCAST,RUNNING,SIMPLEX,LINK2,MULTICAST> mtu 1500
        inet 66.26.243.184 netmask 0xfffffe00 broadcast 255.255.255.255
        ether 00:80:ad:72:65:56
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
in my /etc/natd.conf file
monsterjam# cat /etc/natd.conf
interface ed2
dynamic yes
redirect_port tcp 10.1.1.10:80 8888
in my firewall rules, I have (not the complete list)
<snip>
ipfw add divert natd all from any to any via ed2
ipfw add allow ip from any to any via lo0
...
ipfw add allow tcp from any to $ISP_IP 8888
<snip>
in my natd statement, I have
/sbin/natd -dynamic -log_denied -interface ed2 -f /etc/natd.conf
and I do have forwarding on via
/sbin/sysctl net.inet.ip.forwarding=1
when I sniff on the outside of my freebsd box, I see syn packets come in,
but that's it..
monsterjam# tethereal -i ed2 tcp port 8888
Capturing on ed2
gateway -> rdu26-243-184.nc.rr.com TCP 4120 > 8888 [SYN]
Seq=515319221 Ack=0 Win=16384 Len=0
gateway -> rdu26-243-184.nc.rr.com TCP 4120 > 8888 [SYN]
Seq=515319221 Ack=0 Win=16384 Len=0
gateway -> rdu26-243-184.nc.rr.com TCP 4120 > 8888 [SYN]
Seq=515319221 Ack=0 Win=16384 Len=0
when I sniff the inside interface of my freebsd box, I don't see anything
coming out towards the 10.1.1.10 box. If I open an http connection
(lynx) from my freebsd box to 10.1.1.10, it works fine.
otherwise, my freebsd box works great as my firewall, nat gateway to get
out to the internet. I see no error messages in my syslogs.
I can only assume the packets are getting lost in NATD, any ideas?
regards,
Jason
--
========================================
| Jason Welsh jason@monsterjam.org |
| http://monsterjam.org |
========================================
Nihilism should commence with oneself.
