From: "Philip M. Gollucci"
To: Chris Hastie
Date: Sun, 19 Aug 2001 08:31:01 -0500 (EST)
Subject: Re: Port redirection with natd
Message-ID: <20010819082640.D17720-100000@p6m7g8.student.umd.edu>

You need gateway_enable="YES" in your rc.conf

if you don't want to restart to try this use :
sysctl -w net.inet.ip.forwarding=1
which does the same thing.

Until you get it working, I would use more the following firewall rules

/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via xl0
/sbin/ipfw add pass all from any to any

------------------------------------------------------------------------------
Philip M. Gollucci (p6m7g8)
philip@p6m7g8.com
301.314.3445

Science, Discovery, & the Universe
Webmaster
URL: http://www.sdu.umd.edu
DEVEL: http://www.test1.p6m7g8.com
DEVEL: http://www.test3.p6m7g8.com

EJPress.com
Database/PERL Programmer & System Admin
URL : http://www.ejournalpress.com

Resume : http://www.p6m7g8.com/resume-20010424-170825.txt

On Mon, 20 Aug 2001, Chris Hastie wrote:

> I'm trying to set up an internet gateway with NAT and some port
> redirection using Free BSD 4.3-CURRENT. The machine has two nics, xl0
> faces the internet and sis0 faces my LAN.
>
> So far the NAT works fine, but I can't get the port redirection going at
> all.
>
> The kernel was compiled with:
>
> |options IPFIREWALL # install ipfw firewall
> |options IPFIREWALL_VERBOSE_LIMIT=5 # log firewall packets, limit entries
> |options IPDIVERT # Allow NAT
>
> I have this in /etc/rc.conf
>
> |# -- Configure NAT and Firewall --#
> |firewall_enable="YES"
> |firewall_type="open" #Close later when I get it working!
> |natd_enable="YES"
> |natd_interface="xl0"
> |natd_flags="-f /etc/natd.conf"
>
>
> and the natd.conf referenced looks like this
>
> |dynamic yes
> |redirect_port tcp celandine:25 25
> |redirect_port tcp celandine:119 119
> |redirect_port tcp celandine:3306 3306
>
> The ports do not seem to be redirected though, and I can see no
> errors at boot up. netstat does not show any of the ports in question in
> use, but an attempt to run
>
> # natd -n xl0 -f /etc/natd.conf
>
> returns
>
> |natd: Unable to bind socket.: Address already in use.
>
> Additionally, I can get no response from any of those ports by
> telnetting to them with another machine.
>
> Any ideas?
> --
> Chris Hastie
>
> http://www.oak-wood.co.uk/
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
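
An added example, not code from either poster: an offline lint that reads copies of rc.conf and natd.conf, flags the missing gateway_enable setting the reply points out, and lists which outside ports the redirect_port lines expose while firewall_type is still "open". The function names (rc_value, is_yes, redirected_ports, lint_gateway) are hypothetical, and the sample files are constructed from the excerpts quoted in the thread.

```sh
#!/bin/sh
# Added example: offline lint of the rc.conf / natd.conf settings from this thread.

# rc_value FILE KEY: print the last value assigned to KEY, quotes and comments stripped.
rc_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# is_yes VALUE: true for the spellings rc.conf treats as enabled.
is_yes() {
    case "$1" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;; esac
    return 1
}

# redirected_ports NATD_CONF: print "proto public_port target" per redirect_port rule.
redirected_ports() {
    awk '$1 == "redirect_port" && NF >= 4 { n = split($4, a, ":"); print $2, a[n], $3 }' "$1"
}

# lint_gateway RC_CONF NATD_CONF: print findings; return 1 if any FAIL was reported.
lint_gateway() {
    status=0
    for key in gateway_enable natd_enable; do
        if ! is_yes "$(rc_value "$1" "$key")"; then
            echo "FAIL $key is not enabled in $1"; status=1
        fi
    done
    if [ -z "$(rc_value "$1" natd_interface)" ]; then
        echo "FAIL natd_interface is not set in $1"; status=1
    fi
    if [ "$(rc_value "$1" firewall_type)" = "open" ]; then
        echo "WARN firewall_type is open: every redirected port below is reachable"
    fi
    redirected_ports "$2" | while read -r proto port target; do
        echo "INFO $proto port $port on the outside interface is forwarded to $target"
    done
    return "$status"
}

# Constructed sample input: the rc.conf and natd.conf excerpts quoted in the thread.
demo=$(mktemp -d)
printf '%s\n' 'firewall_enable="YES"' 'firewall_type="open" #Close later' \
    'natd_enable="YES"' 'natd_interface="xl0"' 'natd_flags="-f /etc/natd.conf"' > "$demo/rc.conf"
printf '%s\n' 'dynamic yes' 'redirect_port tcp celandine:25 25' \
    'redirect_port tcp celandine:119 119' 'redirect_port tcp celandine:3306 3306' > "$demo/natd.conf"

lint_gateway "$demo/rc.conf" "$demo/natd.conf" || echo "=> fix the FAIL lines before testing the redirects"
```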