From owner-freebsd-questions Mon Nov 25 16:14:15 2002
From: "Drew Tomlinson"
To: "Alvaro Rosales R."
Subject: Re: NAT + IPFW question
Date: Mon, 25 Nov 2002 16:14:02 -0800

----- Original Message -----
From: "Drew Tomlinson"
To: "Alvaro Rosales R."
Sent: Monday, November 25, 2002 3:01 PM
Subject: Re: NAT + IPFW question

> ----- Original Message -----
> From: "Alvaro Rosales R."
> To:
> Sent: Monday, November 25, 2002 2:42 PM
> Subject: NAT + IPFW question
>
>
> > Hi fellows I have setup natd in my FreeBSD BOX (using firewall =OPEN)
> > and it is working fine.
> > Now I want to close my firewall so that the only computer that is using
> > NATD would be the only one that could accept connections from the
> > internet. But when I try to telnet to the natd box I can't connect to it.
> > What am I doing wrong?
>
> By default, telnet is disabled in recent versions of FBSD. Have you
> enabled (uncommented) it in inetd.conf?
>
> Cheers,
>
> Drew
>
> > Those are my ipfw rules
> > 10.10.1.91 (natd box)
> > 10.10.1.2 (my box)
> >
> > 00050 5816 2829686 divert 8668 ip from any to any via rl1
> > 00100 2412 168334 allow ip from any to any via lo0
> > 00200 0 0 deny ip from any to 127.0.0.0/8
> > 00300 0 0 deny ip from 127.0.0.0/8 to any
> > 00800 5609 6342173 allow ip from 10.10.1.91 to 130.102.1.2
> > 00801 3580 143970 allow ip from 10.10.1.2 to 130.102.1.91
> > 01000 430772 59326512 deny ip from any to any
> > 65000 0 0 allow ip from any to 10.10.1.2
> > 65535 17161 5967606 allow ip from any to any

OK, Telnet is enabled. You have to allow port 23 open on your firewall.
Something like 'ipfw add 802 allow tcp from any to any 23'.

HTH,

Drew