Date: Wed, 5 Sep 2001 17:05:00 +0200
From: Silvio <silvio@kpnqwest.it>
To: freebsd-questions@FreeBSD.ORG
Message-ID: <MWMail.bqrfsrcs@host.none>
9/5/2001 17:05:01

Hi there!

An issue with natd: my request is to use a BSD 4.4 box as a firewall protecting an httpd machine on a private LAN. An external client wanting to access the httpd is to call firewall's external ip on port 80 - firewall's job will be to redirect the call to the lan and nat back httpd's answers to external client.

This is how I did it, and it works:

    ipfw add divert 8668 tcp from any to <ext. address> 80 in via <ext. iface>
    natd -n <ext. iface> -redirect_address <httpd address> <ext. address>
    ipfw add allow tcp from any to <httpd address> 80 in via <ext. iface>
    ipfw add allow tcp from any to <httpd address> 80 out via <int. iface>
    ipfw add divert 8688 tcp from <httpd address> to any in via <int. iface>
    natd -p 8688 -n <ext. iface> -reverse
    ipfw add allow tcp from <ext. address> 80 to any in via <int. iface>
    ipfw add allow tcp from <ext. address> 80 to any out via <ext. iface>

I'm quite sure there is a better [leaner, more polished] way of doing it, either with ipfw fwd and one natd only or elseway whatsoever. Anybody out there with ideas?

Thanx in advance & Regards
silvio@kpnqwest.it
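
An added example, not part of the original message and not FreeBSD project code: one way to get the same port forward with a single natd, using natd's -redirect_port and diverting the replies where they leave the external interface, so that no -reverse instance is needed. The interface names, addresses and rule numbers are constructed sample values, and the script only prints the commands instead of running them.

```shell
#!/bin/sh
# Added example, not from the original message. Prints the natd/ipfw commands
# for a single-natd port forward; nothing is executed here.

# Accept only plain interface names and dotted-quad addresses, so a typo
# cannot end up as an extra natd or ipfw argument.
valid_if() { case $1 in ''|*[!a-z0-9]*) return 1 ;; esac; }
valid_ip() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

gen_rules() {
    ext_if=$1 int_if=$2 ext_ip=$3 httpd_ip=$4
    valid_if "$ext_if" && valid_if "$int_if" &&
        valid_ip "$ext_ip" && valid_ip "$httpd_ip" || {
        echo "usage: gen_rules ext_if int_if ext_ip httpd_ip" >&2
        return 1
    }
    cat <<EOF
# One natd on the default divert port; only TCP port 80 is redirected.
natd -n $ext_if -redirect_port tcp $httpd_ip:80 $ext_ip:80
# Requests: rewritten to the httpd address as they enter the external side.
ipfw add 100 divert 8668 tcp from any to $ext_ip 80 in via $ext_if
# Replies: diverted as they leave the external side, which natd treats as
# outgoing traffic, so the source is rewritten without -reverse.
ipfw add 110 divert 8668 tcp from $httpd_ip 80 to any out via $ext_if
# Filtering happens on the translated addresses, after each divert.
ipfw add 200 allow tcp from any to $httpd_ip 80 in via $ext_if
ipfw add 210 allow tcp from any to $httpd_ip 80 out via $int_if
ipfw add 220 allow tcp from $httpd_ip 80 to any in via $int_if
ipfw add 230 allow tcp from $ext_ip 80 to any out via $ext_if
EOF
}

# Constructed sample values (documentation and private address ranges).
gen_rules fxp0 fxp1 192.0.2.1 192.168.1.10
```

Rule 230 matches the external address because by then natd has already rewritten the reply's source; without it the translated reply falls through to the default rule.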