Date: Tue, 13 Nov 2001 18:43:09 +0100 (CET) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= <freefabri@yahoo.it> To: Drew Tomlinson <drew@mykitchentable.net> Cc: freebsd-isp@freebsd.org Subject: Re: Nat Gateway Firewall rules Message-ID: <20011113174309.7867.qmail@web20108.mail.yahoo.com> In-Reply-To: <014b01c16c68$91889310$cd2a6ba5@lc.ca.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
ups! thanks but what a pity, but the option -alias_address or -target_address? Can they help me? --- Drew Tomlinson <drew@mykitchentable.net> ha scritto: > ----- Original Message ----- > From: "Fabrizio Ravazzini" <freefabri@yahoo.it> > To: <john@day-light.com> > Cc: <freebsd-isp@freebsd.org> > Sent: Tuesday, November 13, 2001 9:18 AM > Subject: RE: Nat Gateway Firewall rules > > > > many thanks for help,now I've tought to another > > problem, I've read on the FreebSD Handbook > > (cap17.11-Nat) and the natd manual page that with > the > > option -redirect_address, if I have for example a > www > > server I can redirect the traffic to this server > wich > > is on the internal Lan or also to another machine > with > > public Ip. > > But the problem is: if I have two or more web > servers > > in the lan or also out of the Lan which they must > be > > reached from the internet how can I redirect with > > natd? > > The only way I know is to connect to them via > different ports. In other > words, tell NAT that requests on port 80 get > redirected to WWW1:80 and > requests on port 8080 get reidrected to WWW2:80. > Then to connect to > WWW2, you would put http://WWW2:8080 in your web > browser. > > HTH, > > Drew > > > Because with natd I can redirect (I understood) > only > > one machine for one service. > > Shortly the scheme: > > > > INTERNET > > | > > |PublicIP1 > > +---------+ > > | NAT | > > |Firewall | > > +---------+ PublicIP2 > > +----+ | | +------+ > > |WWW1|--------+ +-----+-----| WWW2 | > > +----+ | +------+ > > PublicIp3 | > > or InternalLan1 |DNS > > > > > > Thanks,bye > > > > > > --- John Brooks <john@day-light.com> ha scritto: > > Try > > these: > > > > > > http://www.obfuscation.org/ipf/ > > > > > > http://geodsoft.com/howto/harden/ > > > > > > -- > > > John Brooks > > > Email: john@stlbsd.org > > > > > > -----Original Message----- > > > > > > ...snip... > > > > > > I must provide a strong Firewall set of rules on > the > > > nat, where can I find some docs to do such a > thing? > > > > > > > > > To Unsubscribe: send mail to > majordomo@FreeBSD.org > > > with "unsubscribe freebsd-isp" in the body of > the > > message > > > > > ______________________________________________________________________ > > > > Abbonati a Yahoo! ADSL con Atlanet! > > Naviga su Internet ad alta velocitą, e senza > limiti di tempo! > > Per saperne di pił vai alla pagina > http://adsl.yahoo.it > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the > message > > > > > ______________________________________________________________________ Abbonati a Yahoo! ADSL con Atlanet! Naviga su Internet ad alta velocitą, e senza limiti di tempo! Per saperne di pił vai alla pagina http://adsl.yahoo.it To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011113174309.7867.qmail>