From owner-freebsd-net  Tue Sep 26  2:32:33 2000
Delivered-To: freebsd-net@freebsd.org
Received: from ns.bsag.ch (ns.bsag.ch [195.246.88.210])
	by hub.freebsd.org (Postfix) with ESMTP id B2B9537B422
	for <freebsd-net@freebsd.org>; Tue, 26 Sep 2000 02:32:29 -0700 (PDT)
Received: (from hpr@localhost)
	by ns.bsag.ch (8.9.3/8.9.3/SuSE Linux 8.9.3-0.1) id LAA28241
	for freebsd-net@freebsd.org; Tue, 26 Sep 2000 11:32:23 +0200
Date: Tue, 26 Sep 2000 11:32:23 +0200
From: Hanspeter Roth Bsag <roth@bsag.ch>
To: freebsd-net@freebsd.org
Subject: ppp nat port/addr conflict
Message-ID: <20000926113223.A28035@bs11.bsag.ch>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello,

I'm trying to set up NAT to allow specific connections.

The participating hosts are connected as follows:

  local client            FreeBSD router	   remote host
       1.0.0.2	<--->  1.0.0.1    2.0.0.1   <--->  2.0.0.2
	       ethernet			     ppp

The local client has to connect to the remote host but with
the router's address [1.0.0.2]. 
In the ppp.conf I have

  nat addr 1.0.0.2  2.0.0.1  

This allows telnet and ftp connections from the local client
[1.0.0.2] to the remote host [2.0.0.2].
(Interestingly I'm also able to connect to the remote host from
the router itself.)

Now I want a to allow a connection from the remote host to the
router at a specific port. Thus I tried

  nat port tcp 2.0.0.1:6009  6009  127.0.0.1:6009

I'm aware that there is an address conflict since 2.0.0.1 is also
diverted to the local client [1.0.0.2] by the `nat addr' command.
I hoped that `nat port' would take precedence over `nat addr'.
But packets to 2.0.0.1:6009 get diverted to the local client as well.

Is there a means to resolve this conflict?

-Hanspeter


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message