From owner-freebsd-questions Mon Aug 20 6:37:56 2001
Message-ID: <20010820133739.72221.qmail@web14108.mail.yahoo.com>
Date: Mon, 20 Aug 2001 06:37:39 -0700 (PDT)
From: "K. Greenwood"
Subject: Re: Port redirection with natd
To: Chris Hastie, freebsd-questions@freebsd.org

--- Chris Hastie wrote:
> I'm trying to set up an internet gateway with NAT and some port
> redirection using FreeBSD 4.3-CURRENT. The machine has two nics, xl0
> faces the internet and sis0 faces my LAN.
>
> So far the NAT works fine, but I can't get the port redirection going at
> all.
>
> The kernel was compiled with:
>
> |options IPFIREWALL                 # install ipfw firewall
> |options IPFIREWALL_VERBOSE_LIMIT=5 # log firewall packets, limit entries
> |options IPDIVERT                   # Allow NAT
>
> I have this in /etc/rc.conf
>
> |# -- Configure NAT and Firewall --#
> |firewall_enable="YES"
> |firewall_type="open" #Close later when I get it working!
> |natd_enable="YES"
> |natd_interface="xl0"
> |natd_flags="-f /etc/natd.conf"
>
> and the natd.conf referenced looks like this
>
> |dynamic yes
> |redirect_port tcp celandine:25 25
> |redirect_port tcp celandine:119 119
> |redirect_port tcp celandine:3306 3306
>
> The ports do not seem to be redirected though, and I can see no
> errors at boot up. netstat does not show any of the ports in question in
> use, but an attempt to run
>
> # natd -n xl0 -f /etc/natd.conf
>
> returns
>
> |natd: Unable to bind socket.: Address already in use.
>
> Additionally, I can get no response from any of those ports by
> telnetting to them with another machine.
>
> Any ideas?

You may also have to set up an alias network address (ifconfig) on your
outside (natd'd) interface with a real external IP address. Then simply
set a -redirect_port command according to man natd. It appears to work
for me. Good luck.

K. Greenwood
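
An added example, not part of the message above and not natd's own code: a small Python checker for the `redirect_port` lines discussed in the thread, covering only the single-target form from natd(8) (`proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]]`). It reports which rules pin a public alias address and which accept any remote peer; the sample config is constructed from the thread, and `203.0.113.10`, `parse_redirects` and `open_to_any_peer` are names assumed for illustration.

```python
import re
from typing import NamedTuple, Optional

class Redirect(NamedTuple):
    proto: str
    target_host: str
    target_ports: str
    alias_addr: Optional[str]  # None: no public address pinned on the rule
    alias_ports: str
    remote: Optional[str]      # None: any remote peer may connect

# Constructed sample: the natd.conf quoted in the thread plus one rule pinned
# to an alias address (203.0.113.10 is a documentation placeholder).
SAMPLE = """\
dynamic yes
redirect_port tcp celandine:25 25
redirect_port tcp celandine:119 119
redirect_port tcp celandine:3306 3306   # trailing comment
redirect_port tcp celandine:25 203.0.113.10:25
"""

PORTS = re.compile(r"\d+(-\d+)?")

def span(ports):
    """Number of ports in 'N' or 'N-M'."""
    lo, _, hi = ports.partition("-")
    return int(hi or lo) - int(lo) + 1

def parse_redirects(text):
    """Return a Redirect for every redirect_port line; ValueError on bad syntax."""
    found = []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # '#' starts a comment
        if not fields or fields[0] != "redirect_port":
            continue
        if len(fields) not in (4, 5) or fields[1] not in ("tcp", "udp"):
            raise ValueError(f"line {n}: want 'proto target alias [remote]'")
        host, sep, tports = fields[2].rpartition(":")
        addr, _, aports = fields[3].rpartition(":")
        if not (sep and host and PORTS.fullmatch(tports) and PORTS.fullmatch(aports)):
            raise ValueError(f"line {n}: bad host or port field")
        if span(tports) != span(aports):  # natd wants equal-sized ranges
            raise ValueError(f"line {n}: port ranges differ in size")
        remote = fields[4] if len(fields) == 5 else None
        found.append(Redirect(fields[1], host, tports, addr or None, aports, remote))
    return found

def open_to_any_peer(redirects):
    """Rules with no remoteIP restriction, i.e. reachable from any source."""
    return [r for r in redirects if r.remote is None]
```

With `firewall_type="open"` as in the quoted rc.conf, every rule returned by `open_to_any_peer` is reachable from the whole internet, so a remoteIP field or an ipfw rule is the place to narrow it.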