From: wsk
Date: Thu, 07 Jul 2005 16:14:58 +0800
To: net@freebsd.org
Subject: ipnat port redirection can't through 2 subnetworks??
Message-ID: <42CCE482.4050904@gddsn.org.cn>

Hi, folks:

here's my network's layout:

                          |
                          |
                em0 (160.79.174.99/29)
      GateWay (FreeBSD 5.x ipf/ipnat, gateway_enabled)
                em1 (192.168.1.1/25)
                          |
                          |
    em0 (192.168.1.126/25) -- Bridge -- em1 (192.168.1.254/25)
              |                               |
              |                               |
            LAN1                            LAN2
              |                               |
    +---------------------+         +---------+---------+
    |                     |         |         |         |
    hostA(192.168.1.2/25)    ...    hostB(192.168.1.250/25)
    WEB Server                      Mail Server

And here's the ipnat.rules on my gateway box:

    map em0 192.168.1.0/24 -> 160.79.174.99/32 portmap tcp/udp 10000:60000
    map em0 192.168.1.0/24 -> 160.79.174.99/32
    rdr em0 160.79.174.99/32 port 80 -> 192.168.1.2 port 80
    rdr em0 160.79.174.99/32 port 25 -> 192.168.1.250 port 25

Now the problem is that NAT works fine but port redirection does not work on IPNAT and PF, and I found that port redirection only works within the same subnetwork (the rdr can forward the port to the Bridge box but not to the WEB Server or Mail Server). So I wondered: could I set up the rdr rules to make it forward ports to my LAN1 or LAN2 hosts?? :-(

Thanks, any reply is appreciated!!

LAN1's default route is 192.168.1.126
LAN2's default route is 192.168.1.254
Bridge's default route is 192.168.1.1
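
Added example, not part of the original message: a Python check that parses the rdr lines quoted above and reports, for each redirect target, whether it falls inside a prefix configured on one of the gateway's own interfaces (em0 160.79.174.99/29 and em1 192.168.1.1/25, as given in the layout). The function names and the regular expression, which covers only the simple "rdr IF ADDR port N -> ADDR port N" form used here, are assumptions of this example; a target reported as not directly connected is forwarded according to the gateway's routing table.

```python
import ipaddress
import re

# Gateway interface addresses, copied from the layout in the message.
GATEWAY_IFACES = {
    "em0": "160.79.174.99/29",
    "em1": "192.168.1.1/25",
}

# ipnat.rules as quoted in the message.
IPNAT_RULES = """\
map em0 192.168.1.0/24 -> 160.79.174.99/32 portmap tcp/udp 10000:60000
map em0 192.168.1.0/24 -> 160.79.174.99/32
rdr em0 160.79.174.99/32 port 80 -> 192.168.1.2 port 80
rdr em0 160.79.174.99/32 port 25 -> 192.168.1.250 port 25
"""

# Assumption: only the simple rdr form that appears in the message is handled.
RDR_RE = re.compile(
    r"^rdr\s+(?P<ifname>\S+)\s+(?P<dst>\S+)\s+port\s+(?P<dport>\d+)"
    r"\s+->\s+(?P<target>\S+)\s+port\s+(?P<tport>\d+)"
)

def parse_rdr(rules):
    """Return (ifname, dst, dport, target, tport) for each simple rdr line."""
    parsed = []
    for line in rules.splitlines():
        m = RDR_RE.match(line.strip())
        if m:
            parsed.append((m["ifname"], m["dst"], int(m["dport"]),
                           ipaddress.ip_address(m["target"]), int(m["tport"])))
    return parsed

def connected_iface(target, ifaces):
    """Name of the interface whose configured prefix contains target, else None."""
    for name, cidr in ifaces.items():
        if target in ipaddress.ip_interface(cidr).network:
            return name
    return None

def check_rdr_targets(rules=IPNAT_RULES, ifaces=GATEWAY_IFACES):
    """Map each rdr target address to its directly connected interface (or None)."""
    return {str(t): connected_iface(t, ifaces) for _, _, _, t, _ in parse_rdr(rules)}

if __name__ == "__main__":
    for target, iface in check_rdr_targets().items():
        status = (f"directly connected via {iface}" if iface
                  else "not in any connected prefix; routing table decides")
        print(f"{target}: {status}")
```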