From owner-freebsd-ipfw@FreeBSD.ORG  Mon Mar  8 23:14:17 2004
Message-ID: <20040309071417.28175.qmail@web41307.mail.yahoo.com>
Date: Mon, 8 Mar 2004 23:14:17 -0800 (PST)
From: asd ads <jason_highland@yahoo.com>
To: freebsd-ipfw@freebsd.org
Subject: Multiple natd and inbound web traffic

Hi

I have the setup shown below: a FreeBSD 4.9
machine with 3 NICs: fxp0, fxp1 and ed0. fxp0 is
connected to my DSL connection, fxp1 is connected to
my cable connection and ed0 is my internal network.


xx.xx.12.1     yy.yy.34.1
---------        -------
|  DSL  |        |Cable|
---------        -------
   |               |
    \             /
     \           /
      \         /
       \       /
        \     /
    fxp0 |    | fxp1
   .12.2 |    |.34.2
         |    |
    -----------------
    |      FW       |
    | Default route |
    |  xx.xx.12.1   |
    |               |
    -----------------
            |
            |ed0
            |192.168.200.1
            |
            |
          -----
          |   |
          |   | Web Server
          |   | 192.168.200.10:80
          |   |
          -----

What I'm trying to do:

I need to have inbound web traffic (from both
connections) forwarded to the same internal web server.

Problem:

When a web connection is made to xx.xx.12.2:80 (DSL),
it's NATed to 192.168.200.10:80 (websrv) and then back
to the client (all is well at this point).

The problem occurs when a connection is made to
yy.yy.34.2:80 (cable): it's NATed by the second
instance of natd to 192.168.200.10:80 (websrv), but when
it tries to respond back to the client the default
route forces it back through the first connection.

Does anyone have a good example of fwd & divert
rules that would help with this issue?

Thanks in advance

Jason Highland


