From owner-freebsd-questions  Tue Nov 26  8:35:15 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5576037B401
	for <freebsd-questions@FreeBSD.ORG>; Tue, 26 Nov 2002 08:35:14 -0800 (PST)
Received: from cpe.atm0-0-0-1231187.0x50c47eb6.kd4nxx3.customer.tele.dk (cpe.atm0-0-0-1231187.0x50c47eb6.kd4nxx3.customer.tele.dk [80.196.126.182])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 43AC043E88
	for <freebsd-questions@FreeBSD.ORG>; Tue, 26 Nov 2002 08:35:13 -0800 (PST)
	(envelope-from flemming@froekjaer.org)
Received: from odessa.eiffel.dk (localhost [127.0.0.1])
	by  cpe.atm0-0-0-1231187.0x50c47eb6.kd4nxx3.customer.tele.dk (8.12.4/8.11.6) with ESMTP id gAQGUdB3035444;
	Tue, 26 Nov 2002 17:31:05 +0100 (CET)
	(envelope-from flemming@froekjaer.org)
Received: (from www@localhost)
	by odessa.eiffel.dk (8.12.4/8.12.4/Submit) id gAQGTvqr035426;
	Tue, 26 Nov 2002 17:29:57 +0100 (CET)
X-Authentication-Warning: odessa.eiffel.dk: www set sender to flemming@froekjaer.org using -f
To: "Alvaro Rosales R." <aran80@wintersperu.com.pe>
Subject: Re: NAT + IPFW question
Message-ID: <1038328197.3de3a185e675d@mail.froekjaer.org>
Date: Tue, 26 Nov 2002 17:29:57 +0100 (CET)
From: =?ISO-8859-1?Q?Flemming_Fr=F8kj=E6r?= <flemming@froekjaer.org>
Cc: freebsd-questions@FreeBSD.ORG
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.7
X-Originating-IP: 62.107.84.70
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Alvaro Rosales R. wrote:
> Hi fellows I have setup natd in my freeBSD BOX (using firewall =OPEN) 
> and it is working fine.
> Now I want to close my firewall so that the only computer that is using 
> NATD would the the only one that could accept connections from the 
> internet.But when I try to telnet to the natd box I cant connect to it.What 
> Am I doing wrong?
> Those are   my  ipfw rules
> 10.10.1.91 (natd box)
> 10.10.1.2 (my box)
> 
> 00050   5816  2829686 divert 8668 ip from any to any via rl1
> 00100   2412   168334 allow ip from any to any via lo0
> 00200      0        0 deny ip from any to 127.0.0.0/8
> 00300      0        0 deny ip from 127.0.0.0/8 to any
> 00800   5609  6342173 allow ip from 10.10.1.91 to 130.102.1.2
> 00801   3580   143970 allow ip from 10.10.1.2 to 130.102.1.91
> 01000 430772 59326512 deny ip from any to any
> 65000      0        0 allow ip from any to 10.10.1.2
> 65535  17161  5967606 allow ip from any to any
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

You need to tell natd to forward port 23 (telnet) to 10.10.1.2
man natd

\Flemming

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message