Date: Mon, 8 Jul 2002 12:22:04 -0500 (CDT)
From: Nick Rogness
To: Juan Francisco Rodriguez Hervella
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Problems with local port redirection with natd

On Mon, 8 Jul 2002, Juan Francisco Rodriguez Hervella wrote:

> Hello:
>
> I've got a http server running in port 80, as usual, but there is a
> firewall in my network which doesn't allow such a port, it only
> permits connections to port 6667. Yes, it's strange, but that is what
> I've got.
>
> I would like to redirect the connections of this form:
>
> http://my.server.com:6667
>
> to this:
>
> http://my.server.com:80
>
> Yes, I also know that I could have the Apache listening on port 6667,
> but I'd like to learn how can I do such a redirection with my
> FreeBSD-4.5
>
> I'm trying to use "natd". I've recompiled the kernel and followed the
> steps indicated in "man natd".
>
> I've got the following rules:
>
> 00100 allow ip from any to any
> 00200 divert 8668 ip from any to any via fxp0
> 65535 deny ip from any to any
>
> And "natd" is running like this:
>
> root@mira:~# ps axwww | grep natd
> 1235 ?? Ss 0:00.00 natd -interface fxp0 -redirect_port tcp localhost:80 6667
>
> I've also tried with the IP address and the server name instead of
> "localhost", without success. When I try "telnet localhost 6667"
> nothing happens.
>

You need to test this from the outside, i.e. outside your fxp0 network.
When you telnet localhost 6667 on your BSD machine, the divert rule in
your firewall never gets hit because it never traverses interface fxp0.

Nick Rogness
- Don't mind me...I'm just sniffing your packets
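
An added example, not part of the original message: a toy Python model of first-match rule evaluation run over the ruleset quoted above, showing which rule a `telnet localhost 6667` packet (crossing lo0) and a connection from another host (crossing fxp0) hit first. It assumes ipfw's first-match behaviour, where `allow` ends the search; the `REORDERED` ruleset and all helper names are constructed for illustration.

```python
# Added illustration: a toy first-match model of the ruleset quoted above.
# It models only "via IFACE" matching and first-match-wins; it is not ipfw.
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    number: int
    action: str            # "allow", "divert 8668" or "deny"
    via: Optional[str]     # interface restriction; None means any interface

class Packet(NamedTuple):
    iface: str             # interface the packet crosses
    dst_port: int          # informational: the rules are "ip from any to any"

# Ruleset as posted in the message.
POSTED = [
    Rule(100, "allow", None),
    Rule(200, "divert 8668", "fxp0"),
    Rule(65535, "deny", None),
]

# Constructed variant: divert is evaluated before the blanket allow.
REORDERED = [
    Rule(100, "divert 8668", "fxp0"),
    Rule(200, "allow", None),
    Rule(65535, "deny", None),
]

def first_match(rules, pkt):
    """Return the first rule, in rule-number order, that matches pkt."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.via is None or rule.via == pkt.iface:
            return rule
    raise LookupError("no rule matched")  # not reached: 65535 matches all

def reaches_natd(rules, pkt):
    """True if the first matching rule hands the packet to the divert socket."""
    return first_match(rules, pkt).action.startswith("divert")

LOCAL_TEST = Packet(iface="lo0", dst_port=6667)     # telnet localhost 6667
OUTSIDE_TEST = Packet(iface="fxp0", dst_port=6667)  # client on another host

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("reordered", REORDERED)):
        for label, pkt in (("local", LOCAL_TEST), ("outside", OUTSIDE_TEST)):
            r = first_match(rules, pkt)
            print(f"{name:9} {label:7} via {pkt.iface}: "
                  f"rule {r.number:05d} {r.action}")
```

Under this model the loopback test never reaches the divert rule in either ordering, and with the posted ordering traffic on fxp0 is also accepted by rule 00100 before rule 00200 is consulted. Listing the ruleset with `ipfw -a list` while testing from another host shows per-rule packet counters, which confirms whether the divert rule is being hit.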