From owner-freebsd-hackers@FreeBSD.ORG Tue Dec 27 16:08:28 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59C1216A41F for ; Tue, 27 Dec 2005 16:08:28 +0000 (GMT) (envelope-from oxy@field.hu) Received: from dumballah.tvnet.hu (dumballah.tvnet.hu [195.38.96.23]) by mx1.FreeBSD.org (Postfix) with ESMTP id E5CFE43D60 for ; Tue, 27 Dec 2005 16:08:25 +0000 (GMT) (envelope-from oxy@field.hu) Received: from localhost (localhost.localdomain [127.0.0.1]) by dumballah.tvnet.hu (Postfix) with ESMTP id 3151F10193E for ; Tue, 27 Dec 2005 17:08:25 +0100 (CET) Received: from dumballah.tvnet.hu ([127.0.0.1]) by localhost (dumballah.tvnet.hu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07440-43 for ; Tue, 27 Dec 2005 17:08:24 +0100 (CET) Received: from oxy (dsl195-38-115-34.pool.tvnet.hu [195.38.115.34]) by dumballah.tvnet.hu (Postfix) with SMTP id B1A3B101894 for ; Tue, 27 Dec 2005 17:08:24 +0100 (CET) Message-ID: <001301c60aff$c5c83b50$0201a8c0@oxy> From: "OxY" To: References: <000f01c60ad9$f7732fa0$0201a8c0@oxy> Date: Tue, 27 Dec 2005 17:08:27 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-2"; reply-type=response Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Virus-Scanned: by amavisd-new at tvnet.hu Subject: Re: ipfw+nat X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Dec 2005 16:08:28 -0000 hi! after i can't get it work with ipfw i tried ipnat.. i am satisfied, it's much more easier.. now, i can redirect packages from my public ip to localhost... for example: rdr em0 x.x.x.x/32 port 223 -> 127.0.0.1 port 2233 tcp how can i make it to redirect packages from x.x.x.x/32 port 223 to another public ip on the internet? if i use this: rdr em0 x.x.x.x/32 port 223 -> public.ip.on.the.internet port 80 tcp it hangs for a while, then operation timeout... thanks! ----- Original Message ----- From: "OxY" To: Sent: Tuesday, December 27, 2005 12:37 PM Subject: ipfw+nat > hi all! > > i'd like to ask for your help, because i didn't find anything related > about this topic.. > i have a box, with public ip, which is connected to other clients through > openvpn (10.254.0.x) > i'd like to connect to the openvpn client's port (for example ssh) > through a public address port (x.x.x.x 16354) > > unfortunately i totally failed in this, can't even forward to my boxes > openvpn address.. > > tried this: > $cmd 00701 fwd 10.254.0.1,22 tcp from any to x.x.x.x 16354 > > no result, connection refused.. > it works well with datapipe, however i don't want to set up dozens of > datapipes :) > > natd is enabled, do i need it? or ipfw divert? > i have the following related in kernel conf: > > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=5 > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPFIREWALL_FORWARD > > do i need anything else? > thx for all your help and merry christmas! > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"