Date: Mon, 16 Apr 2001 09:43:41 -0700
From: Walter McGinnis <wtem@olywa.net>
To: freebsd-questions@FreeBSD.ORG
Subject: another natd port forwarding question
Message-ID: <v04220802b700cc1196d2@[10.0.0.3]>
Hello everyone,
I've been searching the archive and trying different recipes for
getting port forwarding to work between a public box and an internal
development box. I think I have most things in order, but I still
can't get it to work. BTW, I encourage everyone to be better about
listing their version number when posting their problem or solutions.
I suspect that I have gone down a few dead ends because I followed
directions for earlier versions. Anyway, here is my situation:
Cable modem talks to a FreeBSD 4.0-RELEASE box with two NICs. One
for the cable, one for the LAN hub. Everything works fine except I
have a RH web development box on the LAN that I would like to have
port 8000 - 9000 be viewable from the outside world. These ports are
not used on the FreeBSD box.
I decided to test by setting up port 8003 on the public FreeBSD box
to forward to 10.0.0.10:8003 (the RH web development box). On a side
note if I am going to use an additional file for natd configuration
it seems like I should consolidate all my flags into it (except, of
course, the call to the config file). A quick note for how to
include the current appropriate flags in the natd.conf file would be
appreciated. I'm obviously missing something:
excerpt from rc.firewall
############
# These rules are required for using natd. All packets are passed to
# natd before they encounter your remaining rules. The firewall rules
# will then be run again on each packet after translation by natd,
# minus any divert rules (see natd(8)).
#
case ${natd_enable} in
[Yy][Ee][Ss])
        if [ -n "${natd_interface}" ]; then
                ${fwcmd} add divert natd all from any to any via ${natd_interface}
        fi
        ;;
esac
${ipfw} allow log tcp from any to xxx.xxx.xxx.xxx 8003 via ${oif}
############
the file rc.conf
# -- sysinstall generated deltas -- #
linux_enable="YES"
gateway_enable="YES"
router_enable="YES"
sendmail_enable="NO"
firewall_enable="YES"
firewall_type="open"
firewall_quiet="NO"
natd_enable="YES"
natd_interface="xl0"
natd_flags="-u -m -dynamic -f /etc/natd.conf"
tcp_extensions="NO"
forward_sourceroute="NO"
accept_sourceroute="NO"
# -- named_enable="YES" -- #
network_interfaces="xl0 lo0 rl0"
ifconfig_xl0="inet xxx.xxx.xxx.xxx netmask 255.255.255.0"
defaultrouter="xxx.xxx.xxx.xxx"
hostname="13A.pinol1.sfba.home.com"
# -- sysinstall generated deltas -- #
ifconfig_rl0="inet 10.0.0.1 netmask 255.255.255.0"
# -- sysinstall generated deltas -- #
keymap="us.iso"
/etc/natd.conf
interface xl0
redirect_port tcp 10.0.0.10:8003 8003
Thanks in advance for your answers,
Walter McGinnis
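
An added example, not part of the original message: the flags from the natd_flags line above moved into /etc/natd.conf. It assumes the natd(8) configuration file syntax, in which each line is a long option name without the leading dash and options that take no argument are given as "yes" or "no".

```conf
# /etc/natd.conf -- constructed example, not from the original message
# Each line is a natd(8) long option name without the leading dash;
# options that take no argument are written with "yes".
interface xl0
unregistered_only yes    # -u
same_ports yes           # -m
dynamic yes              # -dynamic
redirect_port tcp 10.0.0.10:8003 8003

# /etc/rc.conf then only needs to point natd at the file:
# natd_flags="-f /etc/natd.conf"
```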
