Date: Mon, 6 Dec 1999 18:58:08 +0100
From: "Morten Seeberg" <morten@seeberg.dk>
To: <questions@freebsd.org>
Subject: natd and redirect_port
Message-ID: <035f01bf4013$7530ec40$1600a8c0@SOS>

Hi,

I have a BSD with a "real" IP. I want it to forward port 666 from the external IP to an internal FTP server running on port 666 (running Windows Serv-U - I have no influence on this machine :) ). The BSD is not running IPFIREWALL, just natd.

When configured as below, the only thing I can do is connect to the FTP from machines with real IP addresses and not using passive FTP. This probably works because the internal FTP can open data ports with no restrictions to the machine on the Internet. But whenever a client behind a firewall some place tries, it won't work, because then the internal FTP isn't allowed to communicate on other ports to the client. This is where passive FTP comes into the picture, as far as I understand; this means that every port that needs to be opened to the FTP will be opened from the client.

So, I ran a TCPDUMP on the BSD on the external interface, and tried to connect to the internal FTP using passive FTP; login and password no problems. Then I tried to do a LS, and thought this is where I'd probably see some new ports opening, but I didn't??? So how is this done???

The 3.3-RELEASE is configured with this:

    firewall_enable="YES"
    firewall_script="/etc/rc.firewall"
    firewall_type="open"
    natd_enable="YES"
    natd_flags="-f /etc/rc.natd"
    natd_interface="ed1"

and rc.natd:

    use_sockets
    same_ports
    redirect_port tcp 192.168.2.101:666 666

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\/\orten $eeberg, Systems Consultant @ Merkantildata - Enterprise Solutions
#echo 'System Administrators suck :)' > /dev/console

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
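
Added example, not part of the original message: a small Python check that decodes the RFC 959 `227` passive-mode reply and compares the announced data endpoint with the ports forwarded by `redirect_port`. The sample reply is constructed, the function names are hypothetical, and it assumes the internal server announces its own 192.168.2.101 address in the reply.

```python
import ipaddress
import re

# RFC 959 PASV reply: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(
    r"^227 .*?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
)

def parse_pasv(reply):
    """Return (ip, port) announced in a 227 reply, or None if it is not one."""
    m = PASV_RE.match(reply.strip())
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    # The data port is sent as two bytes: high byte first, then low byte.
    return ip, nums[4] * 256 + nums[5]

def check_data_channel(reply, redirected_ports):
    """List the reasons an outside client cannot reach the announced data port."""
    parsed = parse_pasv(reply)
    if parsed is None:
        return ["not a 227 passive-mode reply"]
    ip, port = parsed
    problems = []
    if ip.is_private:
        problems.append(f"announced address {ip} is private, not routable from the Internet")
    if port not in redirected_ports:
        problems.append(f"data port {port} has no redirect_port entry")
    return problems

# Constructed sample: a reply the server at 192.168.2.101 might send.
SAMPLE_REPLY = "227 Entering Passive Mode (192,168,2,101,4,15)"
REDIRECTED = {666}  # the single redirect_port line from rc.natd above

if __name__ == "__main__":
    print(parse_pasv(SAMPLE_REPLY))
    for problem in check_data_channel(SAMPLE_REPLY, REDIRECTED):
        print("-", problem)
```

With an announced endpoint like this one, the client's data connection is aimed at the internal address and never arrives at the external interface, which would match a capture there showing no new ports.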