From owner-freebsd-isp Tue Nov 13 9:28:25 2001 Delivered-To: freebsd-isp@freebsd.org Received: from blacklamb.mykitchentable.net (ekgr-dsl5-t183.citlink.net [207.173.250.183]) by hub.freebsd.org (Postfix) with ESMTP id 96B3337B417 for ; Tue, 13 Nov 2001 09:28:17 -0800 (PST) Received: from tagalong (unknown [165.107.42.205]) by blacklamb.mykitchentable.net (Postfix) with SMTP id 882FAEE547; Tue, 13 Nov 2001 09:29:00 -0800 (PST) Message-ID: <014b01c16c68$91889310$cd2a6ba5@lc.ca.gov> From: "Drew Tomlinson" To: "Fabrizio Ravazzini" , Cc: References: <20011113171827.77688.qmail@web20102.mail.yahoo.com> Subject: Re: Nat Gateway Firewall rules Date: Tue, 13 Nov 2001 09:27:55 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- From: "Fabrizio Ravazzini" To: Cc: Sent: Tuesday, November 13, 2001 9:18 AM Subject: RE: Nat Gateway Firewall rules > many thanks for help,now I've tought to another > problem, I've read on the FreebSD Handbook > (cap17.11-Nat) and the natd manual page that with the > option -redirect_address, if I have for example a www > server I can redirect the traffic to this server wich > is on the internal Lan or also to another machine with > public Ip. > But the problem is: if I have two or more web servers > in the lan or also out of the Lan which they must be > reached from the internet how can I redirect with > natd? The only way I know is to connect to them via different ports. In other words, tell NAT that requests on port 80 get redirected to WWW1:80 and requests on port 8080 get reidrected to WWW2:80. Then to connect to WWW2, you would put http://WWW2:8080 in your web browser. HTH, Drew > Because with natd I can redirect (I understood) only > one machine for one service. > Shortly the scheme: > > INTERNET > | > |PublicIP1 > +---------+ > | NAT | > |Firewall | > +---------+ PublicIP2 > +----+ | | +------+ > |WWW1|--------+ +-----+-----| WWW2 | > +----+ | +------+ > PublicIp3 | > or InternalLan1 |DNS > > > Thanks,bye > > > --- John Brooks ha scritto: > Try > these: > > > > http://www.obfuscation.org/ipf/ > > > > http://geodsoft.com/howto/harden/ > > > > -- > > John Brooks > > Email: john@stlbsd.org > > > > -----Original Message----- > > > > ...snip... > > > > I must provide a strong Firewall set of rules on the > > nat, where can I find some docs to do such a thing? > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the > message > > ______________________________________________________________________ > > Abbonati a Yahoo! ADSL con Atlanet! > Naviga su Internet ad alta velocitą, e senza limiti di tempo! > Per saperne di pił vai alla pagina http://adsl.yahoo.it > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message