From: "SNF"
To: "Freebsd-Questions"
Subject: How can I see if redirect_port for natd is actually set up?
Date: Sun, 23 Sep 2001 00:41:52 -0500

I am trying to get the redirect_port option for natd to do the following:

    redirect_port tcp 10.10.20.40:25 25

and on the firewall, the following rules are set up to specifically allow
connections to port 25:
(all of these are logged - ep0 is the external interface and xl0 is the
internal interface)

    allow tcp from any to any 25 setup
    allow tcp from any to 10.10.20.40 25 in recv ep0 setup
    allow tcp from any to 24.159.225.122 25 in recv ep0 setup
    allow tcp from 10.10.20.40 25 to any established
    allow tcp from any to 10.10.20.40 25 established
    allow tcp from 24.159.225.122 25 to any established
    allow tcp from any to 24.159.225.122 25 established

If I do a direct telnet to port 25 on 10.10.20.40, the server responds as it
should. If I try to telnet into port 25 on 24.159.225.122, the firewall
allows the connection, but the port doesn't appear to be forwarded to
10.10.20.40 - the telnet session breaks off.

For example:

    ns1# telnet 24.159.225.122 25
    Trying 24.159.225.122...
    telnet: connect to address 24.159.225.122: Connection refused
    telnet: Unable to connect to remote host

In the firewall logs:

    Sep 23 00:11:37 ns1 /kernel: ipfw: 2500 Accept TCP 10.10.20.101:2101 24.159.225.122:25 in via xl0

The importance of this working is that people from the outside have to be
able to reach the internal server through the public address.

I don't know if I am giving enough information in this email...

If anyone is doing something like this, how do you know that the port
redirection is actually working? And, does it look like things are set up
correctly?

Thanks in advance,
SF