Date: Tue, 24 Aug 2004 13:41:56 -0700
From: patrick <patrick@esoltani.com>
To: fbsd-ipfw@0x10.com
Cc: freebsd-ipfw@freebsd.org
Subject: Re: natd and ipfw problems...hope this is the right place=)
Message-ID: <412BA814.9060406@esoltani.com>
In-Reply-To: <E1BzXfH-0003AQ-9n@mk-webmail-1.b2b.uk.tiscali.com>
References: <E1BzXfH-0003AQ-9n@mk-webmail-1.b2b.uk.tiscali.com>

fbsd-ipfw@0x10.com wrote:
> Diagram:
> .oO( Internet )Oo.
> ||
> ||
> [----DSL------]
> [ adsl router ] <- No Nat
> [-------------]
> | |
> | |
> | |
> B A
> [--------WL-------] [---BSD---]
> NAT -> [ wireless router ] [ bsd box ]
> [-----------------] [---------]
> X
> | | |
> | | |
> | |___________|
> Y
> [---------WEB--------]
> [ web server + media ]
> [--------------------]
> IP Addresses:
> A: External IP 82.*.*.A
> B: External IP 82.*.*.B
> X: Internal IP 192.168.1.101
> Y: Internal IP 192.168.1.100

Hi,

How is the wireless configured? I.e., does it accept incoming requests from the Internet for the webserver?

If the wireless IS NOT accepting any incoming requests for the web server from the Internet, then something like the following should do the trick:

*BSD* box: build it as a NATD and IPFW machine.

- Assign your public web IP as an alias to the external NIC, so the outside world will hit your BSD box for the web pages. In /etc/rc.conf add the following, assuming your public web server is at 82.82.82.82. Note the netmask, which is what ALL the aliased IPs should have. Also assuming you have fxp0 as your external interface on the BSD box.

    ifconfig_fxp0_alias0="inet 82.82.82.82 netmask 255.255.255.255"
    natd_enable="YES"
    natd_interface="fxp0"
    natd_flags="-f /etc/natd.conf"

- In your /etc/natd.conf add:

    redirect_port tcp 192.168.1.100:80 82.82.82.82:80

- Adjust your ipfw rules to allow port 80 for the public IP and private IP to your liking.

*WEB* box: make its default gateway the BSD box, i.e., the internal interface on the BSD box will be the default route for the WEB box.

Since the wireless and the BSD box are on the same LAN/network, your wireless clients should have no problem reaching the web server.

I am sure there are other ways of doing this, but this is a good start.

Regards,
Patrick Soltani.
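
The ipfw side of the setup described in the message above, as an added example that is not part of the original e-mail: a small sh function that prints a stateless rule file for the redirected port-80 flow, showing why both the public and the private address appear in the rules. The function name `web_redirect_rules`, the internal interface `fxp1` and the rule numbers are assumptions; the output is meant to be merged into an existing default-deny rule file loaded by ipfw.

```shell
#!/bin/sh
# Added example: emit ipfw rules for a natd redirect_port web flow.
# Args: external NIC, internal NIC (assumed name), public IP, web server IP, port.
web_redirect_rules() {
    ext_if=$1 int_if=$2 pub_ip=$3 web_ip=$4 port=$5

    # Refuse anything that is not a numeric TCP port in range.
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi

    cat <<EOF
# Every packet crossing $ext_if goes to natd first. Packets come back
# from natd at the next rule with their addresses already rewritten.
add 200 divert natd ip from any to any via $ext_if

# Inbound request: natd has rewritten $pub_ip:$port to $web_ip:$port,
# so the rules after the divert must match the PRIVATE address.
add 300 allow tcp from any to $web_ip $port in via $ext_if
add 310 allow tcp from any to $web_ip $port out via $int_if

# Reply: enters from the web box with its private source address ...
add 320 allow tcp from $web_ip $port to any in via $int_if
# ... and leaves $ext_if after natd restored the PUBLIC source address.
add 330 allow tcp from $pub_ip $port to any out via $ext_if
EOF
}

# Values taken from the message; fxp1 is an assumed internal interface.
web_redirect_rules fxp0 fxp1 82.82.82.82 192.168.1.100 80
```

The rules cover only the redirected web traffic; the BSD box's own traffic and any other forwarding need their own rules.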