Date: Mon, 9 May 2005 19:33:21 -0400
From: Calvin Lane <calvin.lane@gmail.com>
To: Karan Gupta <kgupta@edgefocus.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: RealVNC
Message-ID: <995be75e05050916331db78f13@mail.gmail.com>
In-Reply-To: <00ef01c554cd$c30aa210$442aa8c0@ping.co.la>
References: <00ef01c554cd$c30aa210$442aa8c0@ping.co.la>

Hello Karan,

I have RealVNC going through a number of BSD firewalls/gateways. Most of my BSD boxes are 4.9 or 4.10. I'm using ipfilter as my firewall. Here is what I do:

in ipnat.rules

rdr xl0 xxx.xxx.xxx.xxx/32 port 5800 -> 192.168.0.12 port 5800
rdr xl0 xxx.xxx.xxx.xxx/32 port 5900 -> 192.168.0.12 port 5900

in ipf.rules

pass in quick on xl0 proto tcp from any to any port = 5800 flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = 5900 flags S keep state keep frags

These are the only lines that I use to connect to internal machines on VNC through my firewall.
Let me know how this works for you.

Calvin Lane
calvin.lane@gmail.com

On 5/9/05, Karan Gupta <kgupta@edgefocus.com> wrote:
>
> Need help... I have gone through google/docs but am still confused.
> I'm running,
>
> FreeBSD aaa.bbb.com 4.9-RELEASE FreeBSD 4.9-RELEASE#4:
> aaa.bbb.com:/usr/src/sys/compile/GENERIC i386
>
> It's acting as a router running NAT, IPFW and DHCP
>
> INTERNET<------>fBSD<------>x.x.x.x(win2k machine running RealVNC server
> on the local network, it has a static IP)
>
> a.a.a.a: is the ext_ip_fbsd
> x.x.x.1: is the int_ip_fsd
> x.x.x.x: Win2k on the local network running RealVNC server
>
> I want to connect to the win2k machine from the internet.
> I have natd.conf with
> same_port yes
> redirect_port tcp x.x.x.x:5800-5900 a.a.a.a:5800-5900
> redirect_port udp x.x.x.x:5800-5900 a.a.a.a:5800-5900
>
> ###ipfw with#####
> ipfw -f flush
> ##### rl0 is the ext interface #####
> /sbin/natd -interface rl0 -s
> ipfw add 999 divert natd all from any to any via rl0
>
> I can get on the internet just fine, can ssh to the fBSD from the outside
> as well.
> Here's the nmap output,
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 443/tcp open https
> 587/tcp open submission
>
> I guess I need to open the ports on the firewall... nothing that I tried
> worked.
>
> Any suggestions?
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
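
The ipf.rules lines in the reply above accept connections to ports 5800 and 5900 from any source address. As an added example (not part of the original message, and not ipfilter's own tooling), this Python script audits an ipf.rules file for pass-in rules that leave a VNC port open to every source. The names `audit`, `VNC_PORTS` and the sample rule set are constructed for illustration, and only the `port = N` / `port eq N` rule shape used in the message is parsed.

```python
import re

# RFB (VNC) listens on 5900 + display number; the built-in Java viewer
# is served over HTTP on 5800 + display number. Displays 0-9 are covered.
VNC_PORTS = set(range(5800, 5810)) | set(range(5900, 5910))
ANY_SOURCE = {"any", "0/0", "0.0.0.0/0"}

# Matches only the rule shape used in the message (an assumption of this
# example, not the full ipf grammar):
#   pass in ... from SRC [port OP N] to DST port = N ...
RULE_RE = re.compile(
    r"^pass\s+in\b.*?\bfrom\s+(?P<src>\S+)(?:\s+port\s+\S+\s+\d+)?"
    r"\s+to\s+(?P<dst>\S+)\s+port\s+(?:=|eq)\s+(?P<port>\d+)"
)

def audit(rules_text):
    """Return (line_no, port, source) for each pass-in rule that opens a
    VNC port to any source address."""
    findings = []
    for line_no, raw in enumerate(rules_text.splitlines(), start=1):
        rule = raw.split("#", 1)[0].strip()  # drop comments and padding
        m = RULE_RE.match(rule)
        if not m:
            continue
        port = int(m.group("port"))
        if port in VNC_PORTS and m.group("src") in ANY_SOURCE:
            findings.append((line_no, port, m.group("src")))
    return findings

# Constructed sample: the two rules from the message, one rule limited to
# a documentation-range admin network, and an unrelated SSH rule.
SAMPLE_RULES = """\
# ipf.rules (constructed sample)
pass in quick on xl0 proto tcp from any to any port = 5800 flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = 5900 flags S keep state keep frags
pass in quick on xl0 proto tcp from 203.0.113.0/24 to any port = 5901 flags S keep state
pass in quick on xl0 proto tcp from any to any port = 22 flags S keep state
"""

if __name__ == "__main__":
    for line_no, port, src in audit(SAMPLE_RULES):
        print(f"line {line_no}: VNC port {port} reachable from {src}")
```

Rules that name a specific source network, such as the 203.0.113.0/24 line in the sample, are not reported.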
