From owner-freebsd-isp Mon Jul 31 10:12:34 2000 Delivered-To: freebsd-isp@freebsd.org Received: from ns1.aha.ru (ns1.aha.ru [195.2.80.142]) by hub.freebsd.org (Postfix) with ESMTP id 8019037B884 for ; Mon, 31 Jul 2000 10:12:28 -0700 (PDT) (envelope-from shurick@zenon.net) X-BodyDigest: d9eac028b080f8aa6f3b357d9f07f792 Received: from pb.zenon.net (caesar.zenon.net [195.2.64.7]) by ns1.aha.ru (8.9.3/8.9.3/aha-r/0.04B) with ESMTP id VAA91690; Mon, 31 Jul 2000 21:12:24 +0400 (MSD) Received: from aha.ru (mp.hq.zenon.net [192.168.9.150]) by pb.zenon.net (8.9.3/8.9.3) with ESMTP id VAA67185; Mon, 31 Jul 2000 21:12:23 +0400 (MSD) (envelope-from shurick@zenon.net) Received: by aha.ru (CommuniGate Pro PIPE 3.3b1) with PIPE id 2758081; Mon, 31 Jul 2000 21:12:15 +0400 X-Mailer: CommuniGate Pro CLI mailer Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <398583A9.8D7A233D@microlink.ee> Date: Mon, 31 Jul 2000 21:12:11 +0400 (MSD) Organization: Zenon N.S.P. From: Alexander Radunsky To: Aleksei Davidenko Subject: RE: NAT forwarding Cc: "freebsd-isp@FreeBSD.ORG" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 31-Jul-00 Aleksei Davidenko wrote: > Hi,All! > I have Free Box with NAT&ipfw and some Oracle NT Box into inside > network > Oracle listening 1521 port > > ---> Inet -> Free BOX (NAT) --->(192.168.X.X network) - Oracle Box > (192.168.1.10) > > Which IPFW rule for IPFW I must write for forwarding all packets from > OUTSIDE request 1521 port into inside 192.168.X.X 1521 Oracle box ? It could be simple if your Oracle don't run under NT. For unix versions of Oracle the simple IP-to-IP NAT for one port and permit for back connections through 'from $iip {oracle_listener_port} to any established' is enough (was successfully tested for Oracle 7.3.4 under Solaris). Unfortunately, for the same version of Oracle under NT instead of unix versions no way for NAT in the common cases. It tries to send some redirects *inside* of the Sql*Net packets which is unusable for NAT. For this Oracle Corp. developed product called 'Connection Manager' which is proxying such requests and really usable for NATing. Maybe in Net8 things looks differently - I haven't tested this. -- Alexander A. Radunsky AR8-RIPN AAR2-RIPE Zenon N.S.P. Moscow, Russia Phone: +7-095-2511071 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message