From owner-freebsd-questions  Mon May 27  9:30:27 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from tomts16-srv.bellnexxia.net (tomts16.bellnexxia.net [209.226.175.4])
	by hub.freebsd.org (Postfix) with ESMTP id 50A0D37B404
	for <freebsd-questions@FreeBSD.ORG>; Mon, 27 May 2002 09:30:23 -0700 (PDT)
Received: from xena.gsicomp.on.ca ([65.95.179.11])
          by tomts16-srv.bellnexxia.net
          (InterMail vM.5.01.04.19 201-253-122-122-119-20020516) with ESMTP
          id <20020527163022.ZPZL13554.tomts16-srv.bellnexxia.net@xena.gsicomp.on.ca>;
          Mon, 27 May 2002 12:30:22 -0400
Received: from hermes (hermes.gsicomp.on.ca [192.168.0.18])
	by xena.gsicomp.on.ca (8.11.3/8.11.3) with SMTP id g4RFGVb30590;
	Mon, 27 May 2002 11:16:32 -0400 (EDT)
	(envelope-from matt@gsicomp.on.ca)
Message-ID: <002b01c2059b$cbcc9f90$1200a8c0@gsicomp.on.ca>
From: "Matthew Emmerton" <matt@gsicomp.on.ca>
To: "Curtis Polk" <cmackjr@swbell.net>,
	<freebsd-questions@FreeBSD.ORG>
References: <3CF25DE2.68DB258B@swbell.net>
Subject: Re: IPNAT Problem
Date: Mon, 27 May 2002 12:30:20 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4807.1700
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> I have IPNAT working, sort of.  I'd like to do a redirect from my public
>
> machine to the private Web server.  Here is ipnat.rules:
>
> map xl0 192.168.2.0/24 -> 0/32
> rdr xl0 aaa.bbb.ccc.ddd port=80 -> 192.168.2.3 port=80
>
> The map works fine, but the redirect does not.  I've tried adding the
> CIDR
> mask, /32 to the public host address, no help.  Any help would  be
> appreciated.

Since the mapping has already occured by the time you do redirects, you need
to use something that ipnat recognizes as the "inside" IP address.  This is
what I use:

rdr tun0 0.0.0.0/0 port 80 -> 192.168.0.2 port 80

--
Matt Emmerton



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message