From owner-freebsd-stable@FreeBSD.ORG Sun Aug 27 08:06:14 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F90E16A5DC for ; Sun, 27 Aug 2006 08:06:14 +0000 (UTC) (envelope-from orlic@big12.ru) Received: from mail.uzel9.ru (brown.ud9.ru [83.143.48.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C76243D45 for ; Sun, 27 Aug 2006 08:06:13 +0000 (GMT) (envelope-from orlic@big12.ru) Received: from www.big12.ru ([83.143.49.30] helo=big12.ru) by mail.uzel9.ru with esmtp id 1GHFek-0000zW-Nb for ; Sun, 27 Aug 2006 13:06:10 +0500 Received: from NOTEBOOK ([192.168.0.2]) by big12.ru ([192.168.0.206]) with SMTP (MDaemon.PRO.v6.7.9.R) for ; Sun, 27 Aug 2006 13:04:41 +0500 Date: Sun, 27 Aug 2006 13:04:54 +0500 From: =?utf-8?B?0J7RgNC70L7QsiDQldCy0LPQtdC90LjQuQ==?= X-Mailer: The Bat! (v3.80.06) Professional Organization: =?utf-8?B?0J7QntCeICLQmtCw0YDQsNGCIg==?= X-Priority: 3 (Normal) Message-ID: <116211880.20060827130454@big12.ru> To: freebsd-stable@freebsd.org In-Reply-To: <200608241719.10921.jhb@freebsd.org> References: <200608232337.k7NNbJT8032059@repoman.freebsd.org> <200608241520.47903.jhb@freebsd.org> <20060824194220.GA59229@submonkey.net> <200608241719.10921.jhb@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Authenticated-Sender: orlic@big12.ru X-MDRemoteIP: 192.168.0.2 X-Return-Path: orlic@big12.ru X-MDaemon-Deliver-To: freebsd-stable@freebsd.org X-Spam-Score: 0.1 X-Spam-Report: Spam detection software, running on the system "mail.uzel9.ru", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi! I'm a junior in FreeBSD, and I faced with problem. I've a FreeBSD 6.1-stable box as a gate+firewall, and I want to divert incoming requests to my web-server, placed in DeMilitarized Zone (DMZ). To do this I wrote down settings in /etc/rc.conf as shown above: [...] Content analysis details: (0.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 FORGED_RCVD_HELO Received: contains a forged HELO Subject: IPFW + NATD rules X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: =?utf-8?B?0J7RgNC70L7QsiDQldCy0LPQtdC90LjQuQ==?= List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Aug 2006 08:06:14 -0000 Hi! I'm a junior in FreeBSD, and I faced with problem. I've a FreeBSD 6.1-stable box as a gate+firewall, and I want to divert incoming requests to my web-server, placed in DeMilitarized Zone (DMZ). To do this I wrote down settings in /etc/rc.conf as shown above: natd_flags="-redirect_port tcp 80 192.168.1.234 80" natd_flags="-redirect_port tcp 443 192.168.1.234 443" I think, that all packets incoming from Internet will be diverted from the External interface via DMZ interface to my We-server. Is it right? If not, why not, and what the way to make it working? Thanks a lot, yours sincerely Eugene Orlov, Russia, Izhevsk orlic@big12.ru +7 3412 43-12-12