From: "Drew Tomlinson"
To: "Alvaro Rosales R."
Subject: Re: NAT + IPFW question
Date: Mon, 25 Nov 2002 15:01:41 -0800

----- Original Message -----
From: "Alvaro Rosales R."
Sent: Monday, November 25, 2002 2:42 PM
Subject: NAT + IPFW question

> Hi fellows, I have set up natd in my FreeBSD box (using firewall =OPEN)
> and it is working fine.
> Now I want to close my firewall so that the only computer that is using
> NATD would be the only one that could accept connections from the
> internet. But when I try to telnet to the natd box I can't connect to it. What
> am I doing wrong?

By default, telnet is disabled in recent versions of FBSD. Have you enabled (uncommented) it in inetd.conf?

Cheers,

Drew

> Those are my ipfw rules
> 10.10.1.91 (natd box)
> 10.10.1.2 (my box)
>
> 00050 5816 2829686 divert 8668 ip from any to any via rl1
> 00100 2412 168334 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 00800 5609 6342173 allow ip from 10.10.1.91 to 130.102.1.2
> 00801 3580 143970 allow ip from 10.10.1.2 to 130.102.1.91
> 01000 430772 59326512 deny ip from any to any
> 65000 0 0 allow ip from any to 10.10.1.2
> 65535 17161 5967606 allow ip from any to any
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
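
ipfw walks the rule list in numeric order and the first allow or deny that matches decides the packet, so the order of the listing quoted above matters as much as its contents. The following is an added example, not part of the original thread: it parses that listing and reports which rule decides a given packet and which rules are never evaluated. It assumes natd reinjects a diverted packet unchanged at the next rule; 192.0.2.10 is a constructed outside address.

```python
import ipaddress
import re

# Rule listing copied from the quoted message (columns: rule number, packets, bytes, rule body).
LISTING = """\
00050 5816 2829686 divert 8668 ip from any to any via rl1
00100 2412 168334 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00800 5609 6342173 allow ip from 10.10.1.91 to 130.102.1.2
00801 3580 143970 allow ip from 10.10.1.2 to 130.102.1.91
01000 430772 59326512 deny ip from any to any
65000 0 0 allow ip from any to 10.10.1.2
65535 17161 5967606 allow ip from any to any
"""
RULE_RE = re.compile(r"(\d+) \d+ \d+ (allow|deny|divert \d+) ip from (\S+) to (\S+)(?: via (\S+))?")

def parse(listing):
    """Return (number, action, src, dst, via) tuples for each rule line."""
    return [m.groups() for m in map(RULE_RE.fullmatch, listing.splitlines()) if m]

def _covers(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def first_match(rules, src, dst, iface):
    """Rule number and action that decide a packet seen on iface."""
    for num, action, rsrc, rdst, via in rules:
        if via not in (None, iface) or not (_covers(rsrc, src) and _covers(rdst, dst)):
            continue
        if action.startswith("divert"):
            continue  # assumption: natd reinjects the packet unchanged at the next rule
        return num, action
    return None

def unreachable(rules):
    """Rules listed after the first unconditional allow/deny can never match."""
    for i, (num, action, rsrc, rdst, via) in enumerate(rules):
        if action in ("allow", "deny") and (rsrc, rdst, via) == ("any", "any", None):
            return [r[0] for r in rules[i + 1:]]
    return []

if __name__ == "__main__":
    rules = parse(LISTING)
    # 192.0.2.10 is a constructed outside address, not from the thread.
    for src, dst in [("192.0.2.10", "10.10.1.2"), ("10.10.1.2", "10.10.1.91")]:
        print(src, "->", dst, first_match(rules, src, dst, "rl1"))
    print("never evaluated:", unreachable(rules))
```

The zero packet counters on rule 65000 in the quoted listing are consistent with what `unreachable()` reports.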