From owner-freebsd-hackers@FreeBSD.ORG Tue Dec 27 11:37:50 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0527516A41F for ; Tue, 27 Dec 2005 11:37:50 +0000 (GMT) (envelope-from oxy@field.hu) Received: from dumballah.tvnet.hu (dumballah.tvnet.hu [195.38.96.23]) by mx1.FreeBSD.org (Postfix) with ESMTP id 81CB643D55 for ; Tue, 27 Dec 2005 11:37:49 +0000 (GMT) (envelope-from oxy@field.hu) Received: from localhost (localhost.localdomain [127.0.0.1]) by dumballah.tvnet.hu (Postfix) with ESMTP id ED6A3101A05 for ; Tue, 27 Dec 2005 12:37:47 +0100 (CET) Received: from dumballah.tvnet.hu ([127.0.0.1]) by localhost (dumballah.tvnet.hu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17755-38 for ; Tue, 27 Dec 2005 12:37:47 +0100 (CET) Received: from oxy (dsl195-38-115-34.pool.tvnet.hu [195.38.115.34]) by dumballah.tvnet.hu (Postfix) with SMTP id 86754101A03 for ; Tue, 27 Dec 2005 12:37:47 +0100 (CET) Message-ID: <000f01c60ad9$f7732fa0$0201a8c0@oxy> From: "OxY" To: Date: Tue, 27 Dec 2005 12:37:49 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-2"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Virus-Scanned: by amavisd-new at tvnet.hu Subject: ipfw+nat X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Dec 2005 11:37:50 -0000 hi all! i'd like to ask for your help, because i didn't find anything related about this topic.. i have a box, with public ip, which is connected to other clients through openvpn (10.254.0.x) i'd like to connect to the openvpn client's port (for example ssh) through a public address port (x.x.x.x 16354) unfortunately i totally failed in this, can't even forward to my boxes openvpn address.. tried this: $cmd 00701 fwd 10.254.0.1,22 tcp from any to x.x.x.x 16354 no result, connection refused.. it works well with datapipe, however i don't want to set up dozens of datapipes :) natd is enabled, do i need it? or ipfw divert? i have the following related in kernel conf: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=5 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_FORWARD do i need anything else? thx for all your help and merry christmas!