From owner-freebsd-hackers@FreeBSD.ORG  Mon Jul 28 14:04:20 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 15E5937B401
	for <freebsd-hackers@freebsd.org>;
	Mon, 28 Jul 2003 14:04:20 -0700 (PDT)
Received: from pgh.nepinc.com (pgh.nepinc.com [66.207.129.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1AD5143F3F
	for <freebsd-hackers@freebsd.org>;
	Mon, 28 Jul 2003 14:04:19 -0700 (PDT)
	(envelope-from durham@jcdurham.com)
Received: from jimslaptop.pitt.nepinc.com (jimslaptop.pitt.nepinc.com
	[192.100.100.107])
	by pgh.nepinc.com (8.11.4/8.11.3) with ESMTP id h6SL4Ju05733;
	Mon, 28 Jul 2003 17:04:20 -0400 (EDT)
	(envelope-from durham@jcdurham.com)
From: Jim Durham <durham@jcdurham.com>
Organization: JC Durham Consulting
To: Wouter Clarie <rimshot@pandora.be>
Date: Mon, 28 Jul 2003 17:04:16 -0400
User-Agent: KMail/1.5.2
References: <200307251349.38413.durham@jcdurham.com>
	<200307272237.14432.durham@jcdurham.com>
	<Pine.BSO.4.53.0307281224110.18666@positron.hjc.be>
In-Reply-To: <Pine.BSO.4.53.0307281224110.18666@positron.hjc.be>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200307281704.16378.durham@jcdurham.com>
cc: freebsd-hackers@freebsd.org
Subject: Re: NATD and Address Redirection
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: durham@jcdurham.com
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Jul 2003 21:04:20 -0000

On Monday 28 July 2003 06:26 am, you wrote:
> On Sun, 27 Jul 2003, Jim Durham wrote:
> > On Sunday 27 July 2003 03:10 am, Wouter Clarie wrote:
> > > Yes, that's what I meant. It should work, since it does here.
> > > VNC Server on the internal network, accessed from outside.
> >
> > Interesting. Is your setup using redirect_address in a natd.conf
> > file?
>
> No.
>
> > What version of FreeBSD are you running?
>
> I was afraid you were going to ask this question ;) I'm not using
> FreeBSD but OpenBSD. I wasn't actually telling you that natd in
> FreeBSD will be able to do it (which it really should), but that it
> is perfectly possible to run a VNC Server behind NAT, without an
> application proxy. OpenBSD pf proves that.

I wonder if the OpenBSD natd is the same code? I don't have any Open 
BSD machines but it might be interesting to look.
>

OK.... well, we have tried same-ports, use_sockets, ..everything we 
can think of and it does not work with VNC....but there's more....

If we substitute a FreeBSD box with vncserver for the windows box, 
then I actually can see the beginning of a screen forming, about 10 
scan lines. Eventually, the connection times out, but when it does it 
delivers another 10 scan lines of so of screen.  That kind of 
behavior would suggest to me that the first bufferof the screen stuff 
is sent out, but no ack comes back and, when the connection finally 
times out, you get another packet bufferas it dumps the connection. 

By the way, SSH runs fine to that inside machine from the 'net.

-Jim