From owner-freebsd-questions@FreeBSD.ORG Wed May 13 18:09:06 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D6A99106566B for ; Wed, 13 May 2009 18:09:06 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.30]) by mx1.freebsd.org (Postfix) with ESMTP id 91B318FC16 for ; Wed, 13 May 2009 18:09:06 +0000 (UTC) (envelope-from alexus@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so439973yxb.13 for ; Wed, 13 May 2009 11:09:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=tnokHdQl9DiUVLuUah2jBLJI/qJigmEVZ39S3/gPZ4Q=; b=P4K5+f6CqKLMFFCyJSzLYsdApZeH13zvsHz60+1/FPfMmm6SEb/sUiy2DeLQCjJdLK LdiKkfXVSYQM9F6HkR0w2fAqJKliAgBhGM8SU8FXx41tlCNXcIMaembkD1oHRnCxWTlg Vg60SjuThtW1OZiq4FT9UpMcw9LANc+I6b/b4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=xoPG7i6Ck0c7J90VwgnxT59FyZqAQxzCIn4wVMlkthhj3zDNALn576SHzawUPaFYgu BcZsi9w6v9523mD3B7mOwlzEc+mLDf6idYCdTw8XpP7Cj7QTxJVkmn6KwzodDja72B4F NihoQuwNkH62YyKRDfh+AQeoq1r0HZLkLijQg= MIME-Version: 1.0 Received: by 10.151.121.6 with SMTP id y6mr1664036ybm.56.1242238145154; Wed, 13 May 2009 11:09:05 -0700 (PDT) In-Reply-To: <6ae50c2d0905130958r6877114bgbea6a4f717c1287d@mail.gmail.com> References: <6ae50c2d0905130958r6877114bgbea6a4f717c1287d@mail.gmail.com> Date: Wed, 13 May 2009 14:09:05 -0400 Message-ID: <6ae50c2d0905131109j7d61075ao1a0b329a1b2fd122@mail.gmail.com> From: alexus To: "freebsd-questions@freebsd.org" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: ipnat port-range X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 May 2009 18:09:07 -0000 On Wed, May 13, 2009 at 12:58 PM, alexus wrote: > i need to redirect bunch of ports, or port-range from outside to my jail > > # /etc/rc.d/ipnat reload > /etc/rc.d/ipnat: DEBUG: checkyesno: ipnat_enable is set to YES. > /etc/rc.d/ipnat: DEBUG: run_rc_command: doit: /sbin/ipnat -F -C -f > /etc/ipnat.rules > 0 entries flushed from NAT table > 2 entries flushed from NAT list > syntax error error at "port-range", line 8 > # grep port-range /etc/ipnat.rules > rdr bce0 0/0 port-range 49152:65534 -> lama port-range 49152:65534 tcp > # > > > > -- > http://alexus.org/ > that rule is wrong to begin with as rdr doesn't work with ranges, i guess I need to use something else.. anyone done something like that? use ipnat to map range of ports? this is for ftp PASV -- http://alexus.org/