Date:      Sun, 21 Feb 2016 19:48:04 -0500
From:      Gary Corcoran <gcorcoran@rcn.com>
To:        freebsd-net@freebsd.org
Subject:   Re: gateway machine port redirect question
Message-ID:  <56CA5AC4.8070502@rcn.com>
In-Reply-To: <43887.128.135.52.6.1456021321.squirrel@cosmo.uchicago.edu>
References:  <43887.128.135.52.6.1456021321.squirrel@cosmo.uchicago.edu>

On 2/20/2016 9:22 PM, Valeri Galtsev wrote:
> Dear Experts,
>
> I'm one of Linux refugees who several years ago migrated majority of
> servers from Linux to FreeBSD and is happy since. When recently I needed
> to set up gateway (Firewall + NAT) machine, I set up FreeBSD 10.2 on it,
> used ipfw and natd, and all works well, machines behind gateway on LAN can
> happily reach real network. I hit one snag later though: When I tried to
> redirect TCP traffic on some port to machine on internal private network
> behind gateway, whatever I do doesn't work.
>
> Could somebody point to simple example (it doesn't matter which components
> are involved, I don't feel married to ipfw and natd) for FreeBSD 10.2 that
> makes the machine gateway, and one of the ports of traffic coming from
> public network is redirected to machine on private network behind gateway.
> Something I can reproduce that works, which I then will gradually convert
> into what I need. Other way around: adding redirection to already working
> (and a bit sophisticated) gateway I set up appears to be beyond my mental
> abilities: a couple of weeks of frustration confirm it to me.
>
> I really do not want to go back to Linux to do this, even though I feel I
> can do it based on Linux in a course of an hour or two - I've set up a few
> of them in the past using Linux, that's the longest it took me in my
> recollection.
>
> Thanks in advance for all your answers and pointers!
>
> Valeri
>
> ++++++++++++++++++++++++++++++++++++++++
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> ++++++++++++++++++++++++++++++++++++++++
Something like this?  It redirects external port 1234 to a machine on the internal
network at port 80.  In your natd.conf, put something like this:
redirect_port tcp 10.12.34.56:80 1234

Gary
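
The redirect above placed in a complete ipfw + natd gateway, as an added example that is not part of the original message. It shows where the matching firewall rule has to sit: natd rewrites the destination before the filter rules after the divert rule see the packet. The interface name em0, the file paths and the rule numbers are assumptions; the address and ports are the ones from the reply.

```conf
# --- /etc/rc.conf (assumption: em0 is the public interface) ---
gateway_enable="YES"               # forward packets between interfaces
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"  # assumed path of the ruleset script
natd_enable="YES"
natd_interface="em0"
natd_flags="-f /etc/natd.conf"

# --- /etc/natd.conf ---
# Public TCP port 1234 -> 10.12.34.56 port 80 (the line from the reply)
redirect_port tcp 10.12.34.56:80 1234

# --- /etc/ipfw.rules (fragment; rule numbers are arbitrary) ---
# Everything crossing the public interface goes through natd first.
ipfw -q add 200 divert natd ip from any to any via em0

# Packets return from natd at the next rule, already rewritten.
# Replies and later segments of accepted connections:
ipfw -q add 300 allow tcp from any to any established

# The opening SYN of a redirected connection. After natd its destination
# is 10.12.34.56:80, so a rule written for public port 1234 never matches.
# No interface is named because the packet passes the ruleset twice:
# inbound on em0 and outbound on the LAN interface.
# Replace "any" with a source network to limit who can reach the service.
ipfw -q add 310 allow tcp from any to 10.12.34.56 80 setup

# ... the rest of the existing ruleset (loopback, LAN, final deny) follows.
```

After reloading, `ipfw show` prints per-rule packet counters; if the counter on rule 200 rises for test connections but rule 310 stays at zero, the packets are being dropped by an earlier rule or the redirect line is not being read by natd.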
