Date: Mon, 20 Aug 2001 08:58:18 -0400
From: "Rodney Dickerson" <rdickers@columbus.rr.com>
To: "Chris Hastie" <lists@oak-wood.co.uk>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: Re: Port redirection with natd
Message-ID: <00f701c12977$cbedf060$0200000a@chrome>
References: <20010819082640.D17720-100000@p6m7g8.student.umd.edu>

I am new, so I don't know how much help this will be...

But I have seen this on my box. Although I am not doing it the exact way
that you are, when I tried to run natd from a command line I got the same
error. However when I rebooted it works fine. I suspect that once a divert
socket is allocated it can't be dynamically updated, but that is just a
theory. I don't know if you have tried rebooting instead of running it
manually, but it may be worth a shot.

And from my new buddy Nick Rogness, if you do this (from the console):

    shutdown now
    return

It will reload rc.conf without rebooting.

Hope this helps.

Rod

----- Original Message -----
From: "Philip M. Gollucci" <philip@p6m7g8.com>
To: "Chris Hastie" <lists@oak-wood.co.uk>
Cc: <freebsd-questions@FreeBSD.ORG>
Sent: Sunday, August 19, 2001 9:31 AM
Subject: Re: Port redirection with natd

> You need
> gateway_enable="YES" in your rc.conf
>
> if you don't want to restart to try this use :
> sysctl -w net.inet.ip.forwarding=1
>
> which does the same thing.
>
> Until you get it working, I would use more the following firewall rules
>
> <from man natd>
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via xl0
> /sbin/ipfw add pass all from any to any
>
> ------------------------------------------------------------------------------
> Philip M. Gollucci (p6m7g8) philip@p6m7g8.com 301.314.3445
>
> Science, Discovery, & the Universe
> Webmaster
> URL: http://www.sdu.umd.edu
> DEVEL: http://www.test1.p6m7g8.com
> DEVEL: http://www.test3.p6m7g8.com
>
> EJPress.com
> Database/PERL Programmer & System Admin
> URL : http://www.ejournalpress.com
>
> Resume : http://www.p6m7g8.com/resume-20010424-170825.txt
>
> On Mon, 20 Aug 2001, Chris Hastie wrote:
>
> > I'm trying to set up an internet gateway with NAT and some port
> > redirection using FreeBSD 4.3-CURRENT. The machine has two nics, xl0
> > faces the internet and sis0 faces my LAN.
> >
> > So far the NAT works fine, but I can't get the port redirection going at
> > all.
> >
> > The kernel was compiled with:
> >
> > |options IPFIREWALL # install ipfw firewall
> > |options IPFIREWALL_VERBOSE_LIMIT=5 # log firewall packets, limit entries
> > |options IPDIVERT # Allow NAT
> >
> > I have this in /etc/rc.conf
> >
> > |# -- Configure NAT and Firewall --#
> > |firewall_enable="YES"
> > |firewall_type="open" #Close later when I get it working!
> > |natd_enable="YES"
> > |natd_interface="xl0"
> > |natd_flags="-f /etc/natd.conf"
> >
> > and the natd.conf referenced looks like this
> >
> > |dynamic yes
> > |redirect_port tcp celandine:25 25
> > |redirect_port tcp celandine:119 119
> > |redirect_port tcp celandine:3306 3306
> >
> > The ports do not seem to be redirected though, and I can see no
> > errors at boot up. netstat does not show any of the ports in question in
> > use, but an attempt to run
> >
> > # natd -n xl0 -f /etc/natd.conf
> >
> > returns
> >
> > |natd: Unable to bind socket.: Address already in use.
> >
> > Additionally, I can get no response from any of those ports by
> > telnetting to them with another machine.
> >
> > Any ideas?
> > --
> > Chris Hastie
> >
> > http://www.oak-wood.co.uk/
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
> >
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
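
Added example, not part of the thread and not natd's own code: a POSIX sh check that lists the inbound forwards a natd.conf defines and flags any whose public port is not on an expected list, which matters while the quoted rc.conf still has firewall_type="open". The function names natd_redirects and natd_unexpected and the allowlist "25 119" are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# natd_redirects FILE
# Prints "proto public_port target_host target_port" per redirect_port line.
# Malformed entries are reported on stderr and make the function return 1.
natd_redirects() {
    awk '
        { sub(/#.*/, "") }                # drop comments
        $1 != "redirect_port" { next }    # skip other natd options
        {
            # redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT ...
            n = split($3, tgt, ":")
            m = split($4, pub, ":")
            pubport = pub[m]              # public port is the last ":" field
            if (NF < 4 || n != 2 || $2 !~ /^(tcp|udp)$/ ||
                tgt[2] !~ /^[0-9]+(-[0-9]+)?$/ ||
                pubport !~ /^[0-9]+(-[0-9]+)?$/) {
                printf "line %d: malformed redirect_port\n", NR > "/dev/stderr"
                bad = 1
                next
            }
            print $2, pubport, tgt[1], tgt[2]
        }
        END { exit bad }
    ' "$1"
}

# natd_unexpected FILE "ALLOWED PORTS"
# Prints forwards whose public port is missing from the allowlist.
natd_unexpected() {
    natd_redirects "$1" | while read -r proto pub host port; do
        case " $2 " in
            *" $pub "*) ;;
            *) echo "$proto $pub -> $host:$port" ;;
        esac
    done
}

# Constructed sample: the natd.conf quoted in the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dynamic yes
redirect_port tcp celandine:25 25
redirect_port tcp celandine:119 119
redirect_port tcp celandine:3306 3306
EOF
natd_redirects "$sample"
natd_unexpected "$sample" "25 119"   # allowlist is an assumed policy
```
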