From owner-freebsd-ipfw Tue Feb 27 5: 3: 7 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from mip.co.za (puck.mip.co.za [209.212.106.44]) by hub.freebsd.org (Postfix) with ESMTP id 299A637B71A for ; Tue, 27 Feb 2001 05:02:51 -0800 (PST) (envelope-from patrick@mip.co.za) Received: from patrick (patrick.mip.co.za [10.3.13.181]) by mip.co.za (8.9.3/8.9.3) with SMTP id PAA45803 for ; Tue, 27 Feb 2001 15:02:39 +0200 (SAST) (envelope-from patrick@mip.co.za) From: "Patrick O'Reilly" To: Subject: Just testing - Please forgive me.... Date: Tue, 27 Feb 2001 15:02:39 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have had problems getting emails accepted on freebsd-ipfw@FreeBSD.ORG - so this is a test - please ignore it. Thanks you. Patrick. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Mar 2 4:38: 3 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from msexchange.alx.unitedway.org (msmail.unitedway.org [38.204.190.251]) by hub.freebsd.org (Postfix) with ESMTP id 017D537B718 for ; Fri, 2 Mar 2001 04:37:58 -0800 (PST) (envelope-from Johnny.Dang@msmail.unitedway.org) Received: by msmail.unitedway.org with Internet Mail Service (5.5.2650.21) id <1080M1WZ>; Fri, 2 Mar 2001 07:47:30 -0500 Message-ID: From: Johnny.Dang@msmail.unitedway.org To: FREEBSD-IPFW@FREEBSD.ORG Subject: IPFW and NATD--Please help me! Date: Fri, 2 Mar 2001 07:47:23 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C0A316.F0FA214A" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01C0A316.F0FA214A Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C0A316.F0FA214A" ------_=_NextPart_001_01C0A316.F0FA214A Content-Type: text/plain; charset="iso-8859-1" Hi all, First of all, I am sorry if this is wrong mailing list. However, I do desparetely need some help here. My name is Johnny Dang. I have been running RedHat Linux 6.1, 6.2 and 7.0.... I use it as a Router/Firewall/IPMASQUERADING for a small church in Silver Spring... I don't want them to pay for Microsoft since they don't make money out of it. Anyway, I am getting with the anarchy of Linux so overheard of FreeBSD, I decide to subcribce (rather than download for free--I want to keep the FreeBSD alive) the 4.2 CDs. To be honest, I am in love with at the first moment...I DO NOT WANT TO BACK TO REDHAT.... Like I mention above, I try to reset the new FreeBSD as a ROUTER/Firewall/NATD in this case. I did make the NATD work (all PC in the internal now have access to the Internet--eventhough it is a wide opened firewall)...The problem I have now is I cannot redirect the traffic from outside to the inside. For example, I will have another FreeBSD running WWW amd Mail server. I cannot redirect the tcp port 80, 443, nor 22, 23 to another internal PC. I read the NATD manual, and IPFW manual.. Still, I have no luck. I read all the FreeBSD diary, other web sites. Still have no luck. Can you all help me? I need steps by steps, or any good book about NATD and IPFW? Also, should I move to IP-NAT or IP-Filter? Can I use IPFWADM from Linux or IPCHAINS? Please help. I try to IP alias last night until 2:00AM with no luck... Here is my network: Internet ------ Free BSD (two NICS)-------------------------->PC 1 (WWW + Mail Server)---------PC 2- (telnet)-----Local LAN IP1: 123.123.123.123 IP 192.168.1.2 IP 192.168.1.5 192.168.1.10-25 IP2: 192.168.1.1 IPFIREWALL IPDIVERT I can not run the most basic IPFW script (wide open)... I can wait to read and change the script later... But I need to know how to redirect the traffic from outside (ports 80, 443, 22, 23, and 25) to the local LAN... Please help me. A good script, a web site, a white paper, or even a good book... Thanks for your help. ------_=_NextPart_001_01C0A316.F0FA214A Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable IPFW and NATD--Please help me!

Hi all,
First of all, I am = sorry if this is wrong mailing list. However, I do desparetely need = some help here. My name is Johnny Dang. I have been running RedHat = Linux 6.1, 6.2 and 7.0.... I use it as a Router/Firewall/IPMASQUERADING = for a small church in Silver Spring... I don't want them to pay for = Microsoft since they don't make money out of it. Anyway, I am getting = with the anarchy of Linux so overheard of FreeBSD, I decide to = subcribce (rather than download for free--I want to keep the FreeBSD = alive) the 4.2 CDs. To be honest, I am in love with at the first = moment...I DO NOT WANT TO BACK TO REDHAT....

Like I mention above, = I try to reset the new FreeBSD as a ROUTER/Firewall/NATD in this = case.  I did make the NATD work (all PC in the internal now have = access to the Internet--eventhough it is a wide opened firewall)...The = problem I have now is I cannot redirect the traffic from outside to the = inside. For example, I will have another FreeBSD running WWW amd Mail = server.  I cannot redirect the tcp port 80, 443, nor 22, 23 to = another internal PC. I read the NATD manual, and IPFW manual.. Still, I = have no luck. I read all the FreeBSD diary, other web sites. Still have = no luck. Can you all help me? I need steps by steps, or any good book = about NATD and IPFW? Also, should I move to IP-NAT or IP-Filter? Can I = use IPFWADM from Linux or IPCHAINS? Please help. I try to IP alias last = night until 2:00AM with no luck... Here is my network:

Internet ------ Free = BSD (two NICS)-------------------------->PC 1 (WWW + Mail = Server)---------PC 2- (telnet)-----Local LAN

               IP1: = 123.123.123.123     =         =       IP 192.168.1.2    =         =        IP 192.168.1.5   = 192.168.1.10-25
               IP2: = 192.168.1.1         =            
               = IPFIREWALL
               = IPDIVERT

I can not run the most = basic IPFW script (wide open)... I can wait to read and change the = script later... But I need to know how to redirect the traffic from = outside (ports 80, 443, 22, 23, and 25) to the local LAN... Please help = me. A good script, a web site, a white paper, or even a good book... = Thanks for your help.



  ------_=_NextPart_001_01C0A316.F0FA214A-- ------_=_NextPart_000_01C0A316.F0FA214A Content-Type: application/octet-stream; name="Johnny Dang (E-mail).vcf" Content-Disposition: attachment; filename="Johnny Dang (E-mail).vcf" BEGIN:VCARD VERSION:2.1 N:Dang;Johnny FN:Johnny Dang (E-mail) TITLE:MCSE TEL;WORK;VOICE:(703) 836-7122 #405 TEL;HOME;VOICE:(301) 439-3097 TEL;CELL;VOICE:(240) 461-7851 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;9304 Piney Branch Road =0D=0A#105;Silver Spring;MD;20903;United States of = America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:9304 Piney Branch Road =0D=0A#105=0D=0ASilver Spring, MD 20903=0D=0AUnited S= tates of America EMAIL;PREF;INTERNET:johnny.dang@johnnydang.net REV:20001103T135005Z END:VCARD ------_=_NextPart_000_01C0A316.F0FA214A-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Mar 2 5:40:22 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from ra.upan.org (ra.upan.org [204.107.76.19]) by hub.freebsd.org (Postfix) with ESMTP id 3D28F37B719 for ; Fri, 2 Mar 2001 05:40:18 -0800 (PST) (envelope-from mikel@ocsinternet.com) Received: from ocsinternet.com (localhost.upan.org [127.0.0.1]) by ra.upan.org (8.11.1/8.11.1) with ESMTP id f22DeRH34546; Fri, 2 Mar 2001 08:40:27 -0500 (EST) (envelope-from mikel@ocsinternet.com) Message-ID: <3A9FA2CB.E07DC0D2@ocsinternet.com> Date: Fri, 02 Mar 2001 08:40:27 -0500 From: Mikel King Organization: OCS Internet X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Johnny.Dang@msmail.unitedway.org Cc: FREEBSD-IPFW@FreeBSD.ORG Subject: Re: IPFW and NATD--Please help me! References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG John, Two things it would be helpful if you lost the html formating in you mail to the lists as well as turn wrapping onto say 67 characters. Most of the poeople wo would otherwise respond cat not becasue your request isn't readable to them at all. Take moment to try reading you mail ine pine or mutt and you'll understand. Ok and now secondly, please submit a copy of the relevant bits from your kernel.conf, rd.natd, rc.firewall so that we may help you. On a side note how many outside IP addresses do you actually have? Cheers, Mikel Johnny.Dang@msmail.unitedway.org wrote: > > > Hi all, > First of all, I am sorry if this is wrong mailing list. However, I do > desparetely need some help here. My name is Johnny Dang. I have been > running RedHat Linux 6.1, 6.2 and 7.0.... I use it as a > Router/Firewall/IPMASQUERADING for a small church in Silver Spring... > I don't want them to pay for Microsoft since they don't make money out > of it. Anyway, I am getting with the anarchy of Linux so overheard of > FreeBSD, I decide to subcribce (rather than download for free--I want > to keep the FreeBSD alive) the 4.2 CDs. To be honest, I am in love > with at the first moment...I DO NOT WANT TO BACK TO REDHAT.... > > Like I mention above, I try to reset the new FreeBSD as a > ROUTER/Firewall/NATD in this case. I did make the NATD work (all PC > in the internal now have access to the Internet--eventhough it is a > wide opened firewall)...The problem I have now is I cannot redirect > the traffic from outside to the inside. For example, I will have > another FreeBSD running WWW amd Mail server. I cannot redirect the > tcp port 80, 443, nor 22, 23 to another internal PC. I read the NATD > manual, and IPFW manual.. Still, I have no luck. I read all the > FreeBSD diary, other web sites. Still have no luck. Can you all help > me? I need steps by steps, or any good book about NATD and IPFW? Also, > should I move to IP-NAT or IP-Filter? Can I use IPFWADM from Linux or > IPCHAINS? Please help. I try to IP alias last night until 2:00AM with > no luck... Here is my network: > > Internet ------ Free BSD (two NICS)-------------------------->PC 1 > (WWW + Mail Server)---------PC 2- (telnet)-----Local LAN > > IP1: 123.123.123.123 IP > 192.168.1.2 IP 192.168.1.5 192.168.1.10-25 > IP2: 192.168.1.1 > IPFIREWALL > IPDIVERT > > I can not run the most basic IPFW script (wide open)... I can wait to > read and change the script later... But I need to know how to redirect > the traffic from outside (ports 80, 443, 22, 23, and 25) to the local > LAN... Please help me. A good script, a web site, a white paper, or > even a good book... Thanks for your help. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Mar 2 11:30:46 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from ch.wks.ch (lsne-dhcp-5-51.urbanet.ch [195.202.205.51]) by hub.freebsd.org (Postfix) with ESMTP id 5C87E37B718 for ; Fri, 2 Mar 2001 11:30:41 -0800 (PST) (envelope-from wks@ch.wks.ch) Received: (from wks@localhost) by ch.wks.ch (8.11.1/8.11.1) id f22JSIg01266; Fri, 2 Mar 2001 20:28:18 +0100 (CET) Date: Fri, 2 Mar 2001 20:28:18 +0100 From: Claudio Eichenberger To: Johnny.Dang@msmail.unitedway.org Cc: FREEBSD-IPFW@FreeBSD.ORG Subject: Re: IPFW and NATD--Please help me! Message-ID: <20010302202818.B493@wks.ch> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from Johnny.Dang@msmail.unitedway.org on Fri, Mar 02, 2001 at 07:47:23AM -0500 X-Operating-System: FreeBSD Organisation: WKS Working Solutions GmbH Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 2001.03.02 07:47:23, Johnny.Dang@msmail.unitedway.org wrote: > Hi all, > First of all, I am sorry if this is wrong mailing list. However, I do > desparetely need some help here. My name is Johnny Dang. I have been running > RedHat Linux 6.1, 6.2 and 7.0.... I use it as a > Router/Firewall/IPMASQUERADING for a small church in Silver Spring... I > don't want them to pay for Microsoft since they don't make money out of it. > Anyway, I am getting with the anarchy of Linux so overheard of FreeBSD, I > decide to subcribce (rather than download for free--I want to keep the > FreeBSD alive) the 4.2 CDs. To be honest, I am in love with at the first > moment...I DO NOT WANT TO BACK TO REDHAT.... > > Like I mention above, I try to reset the new FreeBSD as a > ROUTER/Firewall/NATD in this case. I did make the NATD work (all PC in the > internal now have access to the Internet--eventhough it is a wide opened > firewall)...The problem I have now is I cannot redirect the traffic from > outside to the inside. For example, I will have another FreeBSD running WWW > amd Mail server. I cannot redirect the tcp port 80, 443, nor 22, 23 to > another internal PC. I read the NATD manual, and IPFW manual.. Still, I have > no luck. I read all the FreeBSD diary, other web sites. Still have no luck. > Can you all help me? I need steps by steps, or any good book about NATD and > IPFW? Also, should I move to IP-NAT or IP-Filter? Can I use IPFWADM from > Linux or IPCHAINS? Please help. I try to IP alias last night until 2:00AM > with no luck... Here is my network: > > Internet ------ Free BSD (two NICS)-------------------------->PC 1 (WWW + > Mail Server)---------PC 2- (telnet)-----Local LAN > IP1: 123.123.123.123 IP 192.168.1.2 > IP 192.168.1.5 192.168.1.10-25 > IP2: 192.168.1.1 > IPFIREWALL > IPDIVERT I'd configure natd the way that it redirects the connections made onto the ports 80, 443, 22, 25 at the firewall to the internal hosts, like this: # cat /etc/rc.conf natd_enable="YES" natd_interface="external_NIC" natd_flags="-s -redirect_port tcp IP_internal_www_server:80 IP_outside_firewall:80 \ -redirect_port tcp IP_internal_www_server:443 IP_outside_firewall:443 \ -redirect_port tcp IP_internal_mail_server:25 IP_outside_firewall:25 \ -redirect_port tcp IP_internal_ssh_server:22 IP_outside_firewall:22 " > > I can not run the most basic IPFW script (wide open)... I can wait to read > and change the script later... But I need to know how to redirect the > traffic from outside (ports 80, 443, 22, 23, and 25) to the local LAN... > Please help me. A good script, a web site, a white paper, or even a good > book... Thanks for your help. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Mar 2 17: 4:13 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from johnnydang.net (cd-140-202.ra30.dc.capu.net [64.50.140.202]) by hub.freebsd.org (Postfix) with ESMTP id 8A2AA37B719 for ; Fri, 2 Mar 2001 17:04:08 -0800 (PST) (envelope-from johnny_dang@johnnydang.net) Received: from localhost (johnny_dang@localhost) by johnnydang.net (8.11.1/8.11.1) with ESMTP id f2315Sd00283 for ; Fri, 2 Mar 2001 20:05:33 -0500 (EST) (envelope-from johnny_dang@johnnydang.net) Date: Fri, 2 Mar 2001 20:05:27 -0500 (EST) From: Johnny Dang Reply-To: johnny.dang@johnnydang.net To: FreeBSD IpFW Subject: Thanks you all!!! It is rock&roll NOW Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi all FreeBSDs, Thanks millions for all your help (especially those people who respond and help--Patrick for the natd.conf)...The trick here is: KILLALL NATD and then run the command natd -f /etc/natd.conf... I did not issue the command killall natd to stop the service and restart it. I am staying with FreeBSD all the way...Thanks again... It is Friday and I was able to go home on time... Thanks to your guys. Next week, I will work to make my rc.firewall much much secure... I close the site down today. As you can see, I came from the world of MS (shame on me)... I need money folks, to support my family... I am not that good on Unix yet...This will be my 2nd year dealing with Linux, Unix. Life is learning... A small cup of beer on Friday: WHY IS THE REDIRECT_PORT TCP 23 is taking sooooo long to get to the site while the tcp 80 is just a snap shop? A bug on the IPFW and NATD? Enjoy the weekend. Count on me on the questions like this in the future.... ++++++++++++++++++++++++++++++++++++++++++++++++++ "The instructions said to use Windows 98 or better, so I installed FreeBSD...It is working now!..." ++++++++++++++++++++++++++++++++++++++++++++++++++ Johnny Dang Senior Network Engineer/MCSE + Internet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message