From owner-freebsd-questions Mon Feb 14 13: 2:16 2000 Delivered-To: freebsd-questions@freebsd.org Received: from kearneys.ca (cr1003527-a.rct1.bc.wave.home.com [24.113.36.145]) by builder.freebsd.org (Postfix) with SMTP id 702AF3E69 for ; Mon, 14 Feb 2000 13:02:12 -0800 (PST) Received: (qmail 6818 invoked by uid 1000); 14 Feb 2000 21:03:26 -0000 Date: Mon, 14 Feb 2000 13:03:26 -0800 From: Brent Kearney To: FreeBSD Questions Subject: Natd, ipfw, & redirect_port Message-ID: <20000214130326.A6743@kearneys.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I know this is covered by previous posts, but the archive is still not back up, and I can't wait any longer. I'm running FreeBSD 3.4 on an x86, with NATd & two NICs. I'm trying to forward all connections to a particular port on the outside machine, to a particular port on on an inside machine (for ssh). I've done this before (under 3.2 I think), and I don't remember it being difficult at all. However, it's not working. Here's my natd rc.conf line: natd_flags="-n pn0 -m -log_denied -f /etc/natd.conf" And my natd.conf: redirect_port tcp Plato:22 2200 redirect_port udp Plato:22 2200 One difference between my old setup (3.2) and the new one, is that now I have default_to_accept disabled, so my firewall rules are quite a bit tighter. However, because one of the first rules passes all IP traffic to natd, do I need anything else? I tried this, to no avail, anyways (from rc.firewall): Allow connections to port 2200 for ssh access to Plato $fwcmd add pass tcp from any to any 2200 setup $fwcmd add pass udp from any to any 2200 Any connection attempts to port 2200 just sit there. I know the problem is not on the internal machine (Plato), because computers on the LAN have no problem connecting with ssh to it. Thanks for your help. -Brent To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message