From owner-freebsd-questions@FreeBSD.ORG Thu Jul 15 02:32:49 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6F5C4106566C for ; Thu, 15 Jul 2010 02:32:49 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id 246A48FC08 for ; Thu, 15 Jul 2010 02:32:46 +0000 (UTC) Received: by gxk24 with SMTP id 24so441457gxk.13 for ; Wed, 14 Jul 2010 19:32:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:reply-to:date :message-id:subject:from:to:content-type; bh=r46b0DhL9BobQ2D8p9r4GThirlYrQe7dlTiu3b8b3iM=; b=BHbzD5l0Qxfny/VkqqazaxoRDEa2XCtsj0aluSul+W7aLCuRLxY5eZ3Ydbu6+SfbId OqbiFehsKGPrWFjN7KtOswOBZG23HO+du4BxJprvkOQ+8oH2E48d0STSFwTUV2ufGsW8 V1uDYI88Ie3xZmqc75XA/xTxr2G6KIaLmSb1c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:reply-to:date:message-id:subject:from:to:content-type; b=LJKKNaZNw3cD+NVhDcVDsDcdyqyTRfUbkTfapHZQgVFljFvf5NtSMElNmrKQXEcywZ DsPP4ykxc0RFQKTKXskgkOHv6JHJ3ELeh+IFtWAG2pI/kirSP8YZkEKVCPJIKhaKiAPD I58VnD1tm+zjlVg4c9T9hxgp48T4JzWSFepng= MIME-Version: 1.0 Received: by 10.150.69.3 with SMTP id r3mr8809329yba.105.1279161165683; Wed, 14 Jul 2010 19:32:45 -0700 (PDT) Received: by 10.150.53.5 with HTTP; Wed, 14 Jul 2010 19:32:45 -0700 (PDT) Date: Wed, 14 Jul 2010 22:32:45 -0400 Message-ID: From: alexus To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Subject: ipnat.conf - map and rdr won't work! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: google@alexus.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2010 02:32:49 -0000 I can't put my mind around it, before reboot I was able to ssh in from outside to my jail and right now I can't! I even rebuild the whole system and even that didn't help:( anyone have any ideas? su-3.2# cat /etc/ipnat.rules map fxp0 lama -> 0/32 rdr fxp0 64.52.58.58 port ssh -> lama port ssh tcp su-3.2# grep lama /etc/hosts 172.16.172.16 lama su-3.2# ipnat -l List of active MAP/Redirect filters: map fxp0 172.16.172.16/32 -> 0.0.0.0/32 rdr fxp0 64.52.58.58/32 port 22 -> 172.16.172.16 port 22 tcp List of active sessions: su-3.2# ifconfig vr0: flags=8943 metric 0 mtu 1500 options=2808 ether 00:19:5b:68:9b:01 inet 172.16.172.16 netmask 0xffffffff broadcast 172.16.172.16 media: Ethernet autoselect (none) status: no carrier fxp0: flags=8843 metric 0 mtu 1500 options=2009 ether 00:0f:fe:aa:f4:61 inet 64.52.58.58 netmask 0xffffffe0 broadcast 64.52.58.63 media: Ethernet autoselect (100baseTX ) status: active plip0: flags=108810 metric 0 mtu 1500 lo0: flags=8049 metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 su-3.2# jls JID IP Address Hostname Path 1 172.16.172.16 lama /usr/jail/lama su-3.2# grep ^ipnat_enable /etc/rc.conf ipnat_enable="YES" su-3.2# grep ^gateway_enable /etc/rc.conf gateway_enable="YES" su-3.2# sysctl net.inet.ip.forwarding net.inet.ip.forwarding: 1 su-3.2# and this is me from outside trying to ssh to my box and getting time out... mp:~ alexus$ ssh -v jothost.com OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to jothost.com [64.52.58.58] port 22. debug1: connect to address 64.52.58.58 port 22: Operation timed out ssh: connect to host jothost.com port 22: Operation timed out mp:~ alexus$ -- http://alexus.org/