From owner-freebsd-questions@FreeBSD.ORG Wed Apr 3 11:32:58 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 51F32571 for ; Wed, 3 Apr 2013 11:32:58 +0000 (UTC) (envelope-from unga888@yahoo.com) Received: from nm6-vm0.bullet.mail.bf1.yahoo.com (nm6-vm0.bullet.mail.bf1.yahoo.com [98.139.213.146]) by mx1.freebsd.org (Postfix) with SMTP id 0641B7FF for ; Wed, 3 Apr 2013 11:32:57 +0000 (UTC) Received: from [98.139.212.150] by nm6.bullet.mail.bf1.yahoo.com with NNFMP; 03 Apr 2013 11:32:57 -0000 Received: from [98.139.212.204] by tm7.bullet.mail.bf1.yahoo.com with NNFMP; 03 Apr 2013 11:32:57 -0000 Received: from [127.0.0.1] by omp1013.mail.bf1.yahoo.com with NNFMP; 03 Apr 2013 11:32:57 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 420769.89381.bm@omp1013.mail.bf1.yahoo.com Received: (qmail 63928 invoked by uid 60001); 3 Apr 2013 11:32:57 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1364988777; bh=JchVYesEc0mjIJTIbmawMx8ySmD/jZPIXhCxf3/OruA=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AvZIrnG43XpI+jKa7m7tnsBY5w7aiB0kLspGK4SIQV2IXNgtKw7ukBWDZUeXfrWRwDY5eyfSTvJ7TYsPfz1KePeUCGxTzKsFpFlM/M9SFR7z8m8gS9joXN7kDsWNHV4dMDvOXPvNjkEzD17DEQBqV9u2SG0n8kEANAMheQXfsXw= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=blExjETVZ6Ti0sAfFya5RvD743ZriYA/XW7ldxTn/9Ku5EcrlNXAqZyk9iO0gKJsducKCJ1tFtbUiDhvN5xQaafHvUzOHZaECsxbGL0pzvn/0KrpdE1mg7vbi0sGRdZxJeHionML9s+/UDNR1pOwvIY7079p1+F4CPrSFWcX5h8=; X-YMail-OSG: 0R7IqZIVM1l2g1LeVf25IrO6xMoD_Nw_QTDBKNk01Xgughp XC8wnhmIwJ2XSEC0niEi07NErajf_.C7keRgvj6GhlwdZnUw2_lrFQKovHgD LGnpG0j3OK9ff9kyhI006bRKxqZRNF9vwO.gSp4t.SkHG7NguTHi4Jvkaewl A3XNMPudESzP6gwwfZaO0JWGNw9e4lADg0wEEVJkchY5QtjZZX.bQzCbzx.w ELgNJOblDHRYhIcYp3O64pd2NVrlfPd6RdNj1Q6KnqCFqkOL8ycVigDIoL90 hGiIueCHwzuJaC0X2KgFfjYW9CAZklRY.kCHu9qZtACEAMN86eee2HpQSJms 7lvifWPq1R4SIhGIao9Se1x_MowGvZkt4t68AYMN9REWbI6VMNAp6rsITHjF ebHxHJ1swVLi4M7gx6OJTcl8Jpdu.nAwy.TDJql3hj8q_yyHOnsaup24Mxqh MObFzoX.dj9OK8J.3BDQTVDvKh6DzQ7XN1AuQ.PvbIbIwkRgLJ7ciJ144w.g KGPxWYq2SRYALHIgBsf296N7eue6oNKNiqfXw6YAWW7ij4OPTPQ6ccZ.FLP5 DzRWIndk37NQ7.sjLTevtZxenCoku5rWu5jBDjfMn1Jv6.uppD4EdO3_vE9. J5LaUQZBwCwrd4FjYogG5HpmH6fyBUVCjEHIUfOI- Received: from [112.134.128.143] by web161904.mail.bf1.yahoo.com via HTTP; Wed, 03 Apr 2013 04:32:57 PDT X-Rocket-MIMEInfo: 002.001, SGkgYWxsCgpJJ20gb24gMTkyLjE2OC4xLjYyLCB0aGUgc2VydmVyIHJ1bm5pbmcgb24gMTkyLjE2OC4xLjMgYW5kIGxpc3RlbiB0byBwb3J0IDEyMzQuIEkgd2FudCBhbnkgY29ubmVjdGlvbiBnb2luZyBvdXQgb2YgbXkgbWFjaGluZSB0byBwb3J0IDEyMzQgdG8gcG9ydCBmb3J3YXJkIHRvIDE5Mi4xNjguMS4zOjEyMzQuCgpCdXQgd2hlbiBJIGF0dGVtcHQgdG8gY29ubmVjdCB0byAxOTIuMTY4LjEuMToxMjM0ICwgbmF0ZCBzaG93cyBmb2xsb3dpbmcgdmVyYm9zZSBtZXNzYWdlOgpuYXRkWzIwNTFdOiBBbGkBMAEBAQE- X-Mailer: YahooMailWebService/0.8.140.532 Message-ID: <1364988777.50574.YahooMailNeo@web161904.mail.bf1.yahoo.com> Date: Wed, 3 Apr 2013 04:32:57 -0700 (PDT) From: Unga Subject: ipfw+natd port forward does not work as intended To: "freebsd-questions@freebsd.org" MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Unga List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Apr 2013 11:32:58 -0000 Hi all=0A=0AI'm on 192.168.1.62, the server running on 192.168.1.3 and list= en to port 1234. I want any connection going out of my machine to port 1234= to port forward to 192.168.1.3:1234.=0A=0ABut when I attempt to connect to= 192.168.1.1:1234 , natd shows following verbose message:=0Anatd[2051]: Ali= asing to 192.168.1.62, mtu 1500 bytes=0AOut {default}[TCP]=A0 [TCP] 192.168= .1.62:45642 -> 192.168.1.1:1234 aliased to=0A=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= [TCP] 192.168.1.62:45642 -> 192.168.1.1:1234=0A=0A=0AThis is FreeBSD 8.1-R= ELEASE and the kernel is built with following options:=0Aoptions=A0=A0=A0= =A0=A0=A0=A0=A0 IPFIREWALL=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 # Enable = ipfw=0Aoptions=A0=A0=A0=A0=A0=A0=A0=A0 IPFIREWALL_FORWARD=A0=A0=A0=A0=A0 # = Enable ipfw forward=0Aoptions=A0=A0=A0=A0=A0=A0=A0=A0 IPDIVERT=0A=0A=0A/etc= /rc.conf=0A--------------=0A=0A# Enable ipfw firewall=0Afirewall_enable=3D"= YES"=0Afirewall_script=3D"/etc/rc.firewall.test"=0A=0A# Natd=0Agateway_enab= le=3D"YES"=0Anatd_enable=3D"YES"=0Anatd_interface=3D"msk0"=0Anatd_flags=3D"= -f /etc/natd.conf"=0Asysctl net.inet.ip.forwarding=3D1=0A=0A/etc/rc.firewal= l.test=0A-----------------------=0A=0A#!/bin/sh=0A=0A=0AIFACE=3Dmsk0=0A=0AI= PFW=3D/sbin/ipfw=0A=0A${IPFW} -f flush=0A${IPFW} add 100 divert natd ip fro= m any to any 1234 via ${IFACE} =0A${IPFW} add 60000 permit ip from any to a= ny=0A=0A=0A/etc/natd.conf=0A-----------------=0A=0Aport 8668=0Alog=0Averbos= e=0Ainterface msk0 =0Aredirect_port tcp 192.168.1.3:1234 1234=0A=0A=0AIs th= ere any configuration error above?=0A=0ABest regards=0AUnga