From owner-freebsd-questions Sat Feb 19 15:46: 3 2000 Delivered-To: freebsd-questions@freebsd.org Received: from if.scientech.com (eaglerock.if.scientech.com [198.60.85.3]) by hub.freebsd.org (Postfix) with ESMTP id 8839437BD08 for ; Sat, 19 Feb 2000 15:46:00 -0800 (PST) (envelope-from cmott@scientech.com) Received: from if.scientech.com (IDENT:cmott@if.scientech.com [10.128.1.6] (may be forged)) by if.scientech.com (8.9.3/8.9.3) with ESMTP id QAA14848; Sat, 19 Feb 2000 16:45:59 -0700 Date: Sat, 19 Feb 2000 16:45:59 -0700 (MST) From: Charles Mott To: questions@FreeBSD.ORG Cc: dc Subject: Re: Redirecting/mapping ports to a local machine... help! In-Reply-To: <20000219180014.B60348@cc942873-a.ewndsr1.nj.home.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 19 Feb 2000, Crist J. Clark wrote: > On Sat, Feb 19, 2000 at 11:15:32AM -0700, Ivan Fetch wrote: > > On Sat, 19 Feb 2000, dc wrote: > > > Hi, > > > > > > i've got 2 computers, 1 on freebsd, the other on windows. They are > > > sharing the net using natd. But i got a ftp server on port 42 of my > > > windows box, and i want to make it available from the outside... i tried > > > to do it with "redirect_port", here goes my natd.conf file: > > > > > > > > > ### Configuration file for Natd > > > > > > alias_address 24.226.185.143 > > > redirect_port tcp 192.168.0.2:42 42 > > > redirect_port udp 192.168.0.2:42 42 > > > > > > ### End > > > > > > > > > then i launched "natd -conf /etc/natd.conf", both computers were sharing > > > the net as before, though i couldn't access the ftp server from the > > > outside. > > > > > > I can connect to the ftp server from the bsd box using the local ip > > > (19.168.0.2).... > > > > Hello, > > Your Windows FTP server does work on port 42: > > ftp your_Internet_IP 42 > > > > Connected to u-serv FTP... > > > > I am not sure if this is why things were not working when you tedted them, > > but testing your ftp connection from inside your LAN (192.168.X.X) will > > not work. Maybe telnet to another machine on the Internet and then try > > FTPing back to your FreeBSD box for testing purposes. > > Doing FTP over a NAT box is problematic due to the two-channel nature > of FTP. As far as I know, NAT cannot fully support the FTP protocol. > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > It looks like "dc" is the originator of this thread. I think this should actually work, although I do not see 24.226.185.143 as a live address right now. If "dc" could enable port 42 forwarding on a working IP address, I'll check what is going one. Here are the problem solving steps: (1) Make a telnet connection to port 42 from the outside through the natd box and verify that the control channel is working as expected. (2) In non-passive mode (the default), the FTP server will originate data connections. In this case the FTP server on the inside will initiate a data connection from port 20 that should be correctly aliased through the natd box to the client machine. You can observe this traffic by doing a tcpdump on the inside ethernet interface. tcpdump -n -i host 192.168.0.2 Natd also has a debugging mode showing how it is re- writing the packets. This should be looked at also. Running tcpdump and looking at packets always eliminates quite a bit of confusion. I could be wrong, but I remember mapping ftp to an inside server without any problems. If you are trying to connect via a passive mode client, then it would also be necessary to re-map the data port to the inside. Charles Mott To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message