Date:      Mon, 20 Aug 2001 09:54:29 -0500 (CDT)
From:      Nick Rogness <nick@rogness.net>
To:        Chris Hastie <lists@oak-wood.co.uk>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Port redirection with natd
Message-ID:  <Pine.BSF.4.21.0108200951070.88303-100000@cody.jharris.com>
In-Reply-To: <Zr%2BV%2B$FUjPg7EwEX@chris.oak-wood.co.uk>

On Mon, 20 Aug 2001, Chris Hastie wrote:

> I'm trying to set up an internet gateway with NAT and some port
> redirection using FreeBSD 4.3-CURRENT. The machine has two NICs, xl0
> faces the internet and sis0 faces my LAN.
> 
> So far the NAT works fine, but I can't get the port redirection going at 
> all.
> 
> The kernel was compiled with:
> 
> |options         IPFIREWALL              # install ipfw firewall
> |options         IPFIREWALL_VERBOSE_LIMIT=5 # log firewall packets, limit entries
> |options         IPDIVERT                # Allow NAT
> 
> I have this in /etc/rc.conf
> 
> |# -- Configure NAT and Firewall --#
> |firewall_enable="YES"
> |firewall_type="open"   #Close later when I get it working!
> |natd_enable="YES"
> |natd_interface="xl0"
> |natd_flags="-f /etc/natd.conf"
> 
> 
> and the natd.conf referenced looks like this
> 
> |dynamic yes
> |redirect_port tcp celandine:25 25
> |redirect_port tcp celandine:119 119
> |redirect_port tcp celandine:3306 3306
> 
> The ports do not seem to be redirected though, and I can see no
> errors at boot up. netstat does not show any of the ports in question
> in use, but an attempt to run

	Have you turned on logging to see what is going on?

> 
> # natd -n xl0 -f /etc/natd.conf
> 
> returns
> 
> |natd: Unable to bind socket.: Address already in use.
> 

	natd is already running and bound to port 8668 [from the startup].

> Additionally, I can get no response from any of those ports by
> telnetting to them with another machine.
> 

	The redirect_port stuff will only work from the outside with your
	setup.  Try going to an outside machine and telnetting.


Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
  "FreeBSD: The Power to Serve!"
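
An added illustration, not part of the original message or of natd itself: a small audit of `redirect_port` entries in the single-target form documented in natd(8). It lists which public ports are forwarded to which internal host and picks out entries with no remote-address restriction, which is what an outside machine can reach while `firewall_type` is "open". The fourth sample line and the address 192.0.2.10 are constructed.

```python
import re

# Constructed sample: the natd.conf quoted in the message above, plus one
# hypothetical entry restricted to a single remote address (192.0.2.10).
SAMPLE_NATD_CONF = """\
dynamic yes
redirect_port tcp celandine:25 25
redirect_port tcp celandine:119 119
redirect_port tcp celandine:3306 3306
redirect_port tcp celandine:22 2222 192.0.2.10
"""

# Form handled here (single target only):
# redirect_port proto targetIP:targetPORT[-PORT] [aliasIP:]aliasPORT[-PORT] [remoteIP[:remotePORT]]
LINE_RE = re.compile(
    r"^redirect_port\s+(?P<proto>tcp|udp)\s+"
    r"(?P<target>[^\s:,]+):(?P<tport>\d+(?:-\d+)?)\s+"
    r"(?:(?P<alias>[^\s:]+):)?(?P<aport>\d+(?:-\d+)?)"
    r"(?:\s+(?P<remote>\S+))?\s*$"
)

def parse_redirects(text):
    """Return one dict per redirect_port line; raise on an unparsable one."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment in natd.conf
        if not line.startswith("redirect_port"):
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: unrecognised redirect_port: {raw!r}")
        entries.append(m.groupdict())
    return entries

def unrestricted(entries):
    """Entries that accept connections from any remote address."""
    return [e for e in entries if e["remote"] is None]

if __name__ == "__main__":
    for e in parse_redirects(SAMPLE_NATD_CONF):
        scope = e["remote"] or "ANY remote host"
        print(f'{e["proto"]} public port {e["aport"]} -> '
              f'{e["target"]}:{e["tport"]} (allowed from: {scope})')
```
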

