Date: Sat, 20 Jan 2001 23:11:45 +1100 (EST)
From: Paul Jansen <vlaero@yahoo.com.au>
To: questions@freebsd.org
Subject: help with natd problems
Message-ID: <20010120121145.7088.qmail@web5101.mail.yahoo.com>

Hello.

I've got a small LAN connecting to the internet using a PicoBSD 0.41 box (FreeBSD 3.0 based). Currently I'm using a ppp -alias command to translate packets out of and into the private network (192.168.0.x). I would like to also translate requests originating on the public network and hitting the ppp adapter (tun0). Basically I want to have traffic that is destined for port 80 on the ppp adapter redirected to a webserver on the private network.

In order to get this happening I'm bringing up a PPP link without the '-alias' option so that I know that no translation is happening. I've read the FreeBSD 3.0 release man page on natd and come up with this natd command line (the IP address of the natd machine is 192.168.0.8):

    /sbin/natd -s -m -p 8668 -n tun0 -redirect_port tcp 192.168.0.7:80 80

This returns no errors when I issue it. I read in the natd man page:

"Once natd is running, you must ensure that traffic is diverted to natd:

1. You will need to adjust the /etc/rc.firewall script to taste. If you're not interested in having a firewall, the following lines will do:

    /sbin/ipfw -f flush
    /sbin/ipfw add divert natd all from any to any via tun0
    /sbin/ipfw add pass all from any to any
"

For the moment I don't want a firewall - I just want natd to work properly, so I've decided to follow these 3 lines above.

The first line returns - 'Flushed all rules.'

The second line returns - '00000 divert 8668 ip from any to any via tun0 ipfw: setsockopt(IP_FW_ADD): Invalid argument'

After trying to connect to port 80 at the IP address of the tun0 adapter from a machine on the public network it fails, so obviously the above error is fatal.

I should note that I tried using the aliasing options in user ppp with only limited success.
Here's a quick succession of commands I issue:

(1) ppp - starts ppp in interactive mode
(2) dial dialup - this dials successfully and I am able to ping the IP address of the tun0 adapter from a machine on the public network
(3) alias enable yes - after issuing this I am unable to ping the IP address of the tun0 adapter from a machine on the public network anymore. Aliasing does not work from the internal network. It does if I simply issue 'ppp -ddial -alias dialup' from the command line though.
(3) alias port tcp 192.168.0.7:80 x.x.x.x:80 - x.x.x.x is the IP that the tun0 adapter is allocated by ppp. This is meant to forward traffic hitting port 80 on x.x.x.x to port 80 on 192.168.0.7. This doesn't work.

As you can see I've tried two avenues - none of them being successful. Any ideas as to what needs to be done to get this happening successfully?

Thanks in advance,
Paul