From owner-freebsd-questions Tue Sep 10 10:46: 6 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28CBD37B400 for ; Tue, 10 Sep 2002 10:46:04 -0700 (PDT) Received: from hotmail.com (f236.law14.hotmail.com [64.4.21.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id E1A0443E77 for ; Tue, 10 Sep 2002 10:46:03 -0700 (PDT) (envelope-from jesse_rock206@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 10 Sep 2002 10:46:03 -0700 Received: from 207.246.151.50 by lw14fd.law14.hotmail.msn.com with HTTP; Tue, 10 Sep 2002 17:46:03 GMT X-Originating-IP: [207.246.151.50] From: "J R" To: freebsd-questions@freebsd.org Subject: ipnat Date: Tue, 10 Sep 2002 10:46:03 -0700 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 10 Sep 2002 17:46:03.0437 (UTC) FILETIME=[EEAB6DD0:01C258F1] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, I've been working on this setup and I can't seem to find what I'm doing wrong. Here is the gist. I have a machine with two interfaces and three IP's bound to the public interface. The private interface has an internal address and is connected to a machine via a flipped cable. I can ping the machine connected to the internal interface, and it can ping its gateway. What I want to do is forward all packets coming in to a certain IP address on the public interface to the second machine sitting behind the private interface, and vice versa. box 1: fxp0 *.*.*.70 fxp1 192.168.10.1 box 2: if1 192.168.10.2 (this is a win2k machine btw) crank# sysctl net.inet.ip.forwarding net.inet.ip.forwarding: 1 crank# ipnat -l List of active MAP/Redirect filters: map fxp0 192.168.0.0/16 -> *.*.*.70/32 rdr fxp0 *.*.*.70/32 port 80 -> 192.168.10.2 port 80 tcp/udp rdr fxp0 *.*.*.70/32 port 3389 -> 192.168.10.2 port 3389 tcp Although an nmap scan from the crank machine shows the services listening, ipnat does not forward requests from the internet to those ports, ie they time out. Am I missing something? Thank you _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message