Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 27 Dec 2005 17:08:27 +0100
From:      "OxY" <oxy@field.hu>
To:        <freebsd-hackers@freebsd.org>
Subject:   Re: ipfw+nat
Message-ID:  <001301c60aff$c5c83b50$0201a8c0@oxy>
References:  <000f01c60ad9$f7732fa0$0201a8c0@oxy>

next in thread | previous in thread | raw e-mail | index | archive | help
hi!

after i can't get it work with ipfw i tried ipnat..
i am satisfied, it's much more easier..
now, i can redirect packages from my public ip to localhost...
for example:
rdr em0 x.x.x.x/32 port 223 -> 127.0.0.1 port 2233 tcp

how can i make it to redirect packages from x.x.x.x/32 port 223 to another
public ip on
the internet?
if i use this:
rdr em0 x.x.x.x/32 port 223 -> public.ip.on.the.internet port 80 tcp
it hangs for a while, then operation timeout...
thanks!

----- Original Message ----- 
From: "OxY" <oxy@field.hu>
To: <freebsd-hackers@freebsd.org>
Sent: Tuesday, December 27, 2005 12:37 PM
Subject: ipfw+nat


> hi all!
>
> i'd like to ask for your help, because i didn't find anything related 
> about this topic..
> i have a box, with public ip, which is connected to other clients through 
> openvpn (10.254.0.x)
> i'd like to connect to the openvpn client's port (for example ssh)
> through a public address  port (x.x.x.x 16354)
>
> unfortunately i totally failed in this, can't even forward to my boxes 
> openvpn address..
>
> tried this:
> $cmd 00701 fwd 10.254.0.1,22 tcp from any to x.x.x.x 16354
>
> no result, connection refused..
> it works well with datapipe, however i don't want to set up dozens of 
> datapipes :)
>
> natd is enabled, do i need it? or ipfw divert?
> i have the following related in kernel conf:
>
> options         IPFIREWALL
> options         IPFIREWALL_VERBOSE
> options         IPFIREWALL_VERBOSE_LIMIT=5
> options         IPFIREWALL_DEFAULT_TO_ACCEPT
> options         IPFIREWALL_FORWARD
>
> do i need anything else?
> thx for all your help and merry christmas!
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001301c60aff$c5c83b50$0201a8c0>