Date: Wed, 13 Mar 2002 11:03:31 -0600 From: Server Admin <admin@sage-one.net> To: alan@quay.net (Alan McKay), freebsd-questions@FreeBSD.ORG Subject: Re: ipfw/pppoe/nat trouble Message-ID: <3.0.5.32.20020313110331.01178868@mail.sage-one.net> In-Reply-To: <20020313163949.11A2B5D4A@victory.quay.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alan: Gerry's method on an earlier reply is the way to do it. A config file running NATD.... more flexibility - lots of stuff can be placed in the config file for natd to look at.... At 11:39 AM 3.13.2002 -0500, Alan McKay wrote: > >So should I give up on PPP's native NAT and switch to NATD? >Anyone know what could be up here? > >thanks, >-Alan > > >Folks, > >I'm using FreeBSD 4.5 RELEASE for my firewall, and using it's native ppp >to manage my PPPoE connection. When doing this, one uses ppp's native >NAT, and not natd. > >I have a web cam running on port 80 of a private PC at home, and want to >forward that out to some obscure port on the firewall. Let's just say for >the sake of argument port 4711. > >My firewall (ipfw) rules include : >allow tcp from any to <my-external-IP> 4711 setup > >I have the same rule on port 80 for the apache server running on the >firewall, and it works. The above rulle I have right beside my port 80 >rule in the this. However, when I try to hit port 4711 from outside, >and do a "ipfw show", it drops right through that rule to about 5 rules >below where I deny all connections from outside (after allowing the few >that I want to allow). > >So I never get to try to see if my NAT rules are correct. In my >/etc/ppp/ppp.conf file I have (among other things) : > > nat enable yes > nat log yes > nat target MYADDR > nat port tcp <private-ip-of-webcam-PC>:80 4711 > >Any ideas why my firewall rule is not allowing the 4711 connection? >I'm stumped! > >Are there any good examples of using PPPoE's NAT in combo with ipfw >to port-forward to something on the private side? > >cheers, >-Alan > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > .... our website: http://www.sage-one.net/ Best regards, Jack L. Stone Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20020313110331.01178868>