Date: Tue, 23 Feb 1999 22:35:31 -0800 (PST)
From: "Joseph M. Scott" <jmscott@ainet.com>
To: "Abraham J. Stephens" <stephea@aasis.albany-academy.org>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: natd question
Message-ID: <Pine.GSU.4.05.9902232227450.3943-100000@www.ainet.com>
In-Reply-To: <199902231514.KAA15836@aasis.albany-academy.org>

On Tue, 23 Feb 1999, Abraham J. Stephens wrote:

> I have a sun box sitting on a private network (10.0.0.0) I would like to 1)
> be able to access the rest of the world from that box, and 2) be able to
> access specific ports on that box from the rest of the world. (I need to run
> a mail, pop3, and web server on the sun.)

Ok, this makes sense.....

>
> If I have the following configuration on the freebsd box (running 2.2.5):
> ed0: 205.181.13.180
> ed1: 10.0.0.8
>
> and ipfw:
> 300 divert 6668 ip from any to any via ed0
> 400 divert 6668 ip from any to any via ed1

Here's where I started wondering why..... it's been a while but you should
only have to use divert once. Check out the man page for natd, it gives a
basic setup. You may also want to check out:
http://www.dvl-software.com/freebsd/natd.htm

> 500 allow ip from any to any
>
> Then if I execute the command
> natd -same_ports -use_sockets -interface ed0 -redirect_address 10.0.0.8
> 0.0.0.0
>
> I am able to access the rest of the 205.181.13.0 network from the sun box
> sitting on the 10.0.0.0 network.
>
> Also if instead I execute:
>
> natd -same_ports -use_sockets -interface ed1 -redirect_port tcp 10.0.0.6:80 \
> 205.181.13.180:80
>
> (the sun's ip address is 10.0.0.6)
> I am able to connect to the web server on the sun via 205.181.13.180:80.
>
> I'd like to be able to do both at the same time. Is this possible? If so how
> can I go about doing it- I've been taking shots in the dark up to this
> point. I've attempted to run two copies of natd- using two firewall rules to
> divert ed0 traffic to a natd on 6668 and ed1 traffic to a natd on 6669, but
> this did not accomplish anything.

If I'm remembering everything correctly the answer is yes you can do both
at the same time, running natd only once. I believe the problem is coming
from trying to divert twice.

>
> -Thanks for any help,
>
>
> Abraham J. Stephens
> MMime v.3 -- Email from anywhere!
>
>

* Joseph M. Scott * jmscott@ainet.com * American InfoMetrics * Modesto, CA

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message