Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Apr 2001 14:17:06 -0500 (CDT)
From:      Nick Rogness <nick@rogness.net>
To:        Walter McGinnis <wtem@olywa.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: another natd port forwarding question
Message-ID:  <Pine.BSF.4.21.0104161402540.68039-100000@cody.jharris.com>
In-Reply-To: <v04220802b700cc1196d2@[10.0.0.3]>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, 16 Apr 2001, Walter McGinnis wrote:

> Hello everyone,
> 

	Hello.

> 
> Cable modem talks to a FreeBSD 4.0-RELEASE box with two NICs.  One for
> a the cable, one for the LAN hub.  Everything works fine except I have
> a RH web development box on the LAN that I would like to have port
> 8000 - 9000 be viewable from the outside world.  These ports are not
> used on the FreeeBsd box.

> 
> I decided to test by setting up port 8003 on the public FreeBsd box to
> forward to 10.0.0.10:8003 (the RH web development box).  On a side
> note if I am going to use an additional file for natd configuration it
> seems like I should consolidate all my flags into it (except, of
> course, the call to the config file).  A quick note for for how to
> include the current appropriate flags in the natd.conf file would be
> appreciated.  I'm obviously missing something:


> 
> excerpt from rc.firewall
> 
> ############
> # These rules are required for using natd.  All packets are passed to
> # natd before they encounter your remaining rules.  The firewall rules
> # will then be run again on each packet after translation by natd,
> # minus any divert rules (see natd(8)).
> #
> case ${natd_enable} in
> [Yy][Ee][Ss])
>          if [ -n "${natd_interface}" ]; then
>                ${fwcmd} add divert natd all from any to any via 
> ${natd_interface\
> }
>          fi
>          ;;
> esac
> 
> ${ipfw} allow log tcp from any to xxx.xxx.xxx.xxx 8003 via ${oif}
> 
> ############

	Umm, should be:

	${ipfw} allow log tcp from any to 10.0.0.10 8003 via ${oif}

	this rule should be inserted after the divert rule.



Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
 "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0104161402540.68039-100000>