Date: Tue, 12 Sep 2000 17:54:31 -0700
From: edinel@zack.com
To: freebsd-questions@freebsd.org
Subject: Natd Failing to properly rewrite packets
Message-ID: <20000912175431.E10483@zack.com>

So I'm building a replacement for our current firewall. Right now it's set up as a firewall_type="open" firewall

natd is running with the following conf file:

    log
    interface fxp0
    redirect_port tcp 10.0.2.12:80 80
    redirect_port tcp 10.0.0.2:22 22

IPDIVERT and IPFIREWALL are both compiled in.

And yet packets sent to port 80 of the interface never come back. If I turn on verbose logging I get:

    natd[299]: Aliasing to 205.179.125.67, mtu 1500 bytes
    In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3094 -> 10.0.2.12:80
    In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3094 -> 10.0.2.12:80

The truly odd thing is if I try to forward port 80 to some other *external* host, I get this:

    In [TCP] [TCP] 205.179.125.70:3095 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3095 -> 171.64.13.135:80
    Out [TCP] [TCP] 205.179.125.70:3095 -> 171.64.13.135:80 aliased to [TCP] 205.179.125.67:3095 -> 171.64.13.135:80

And the port-forwarding works.

I'm out of guesses, any help from the crowds?

--
| Eddie Dinel | eddie@zack.com |
| Zack Network | (650) 286 9225 x3032 |
|---------------------------------------------------------------------------|
| I don't know, it looks kinda like a squirrel to me... |

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
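
An added example, not part of the original message: a small Python parser for the natd verbose lines quoted above that lists redirected inbound flows for which natd never logged a matching outbound packet. The function names are hypothetical, and the regular expression assumes the one-entry-per-line layout shown in this archive copy.

```python
import re
from collections import defaultdict

# Constructed sample: the verbose lines quoted in the message, one entry per line.
SAMPLE = """\
natd[299]: Aliasing to 205.179.125.67, mtu 1500 bytes
In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3094 -> 10.0.2.12:80
In [TCP] [TCP] 205.179.125.70:3094 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3094 -> 10.0.2.12:80
In [TCP] [TCP] 205.179.125.70:3095 -> 205.179.125.67:80 aliased to [TCP] 205.179.125.70:3095 -> 171.64.13.135:80
Out [TCP] [TCP] 205.179.125.70:3095 -> 171.64.13.135:80 aliased to [TCP] 205.179.125.67:3095 -> 171.64.13.135:80
"""

EP = r"(\d+\.\d+\.\d+\.\d+:\d+)"  # ip:port endpoint
LINE = re.compile(
    r"^(In|Out)\s+\[(\w+)\]\s+\[\w+\]\s+" + EP + r"\s+->\s+" + EP +
    r"\s+aliased to\s+\[\w+\]\s+" + EP + r"\s+->\s+" + EP + r"\s*$")

def parse(text):
    """Return one record per translation line; other lines are skipped."""
    records = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            direction, proto, src, dst, new_src, new_dst = m.groups()
            records.append({"dir": direction, "proto": proto,
                            "orig": (src, dst), "new": (new_src, new_dst)})
    return records

def one_way_flows(records):
    """Inbound translations whose rewritten tuple never shows up, in either
    direction, as the pre-translation tuple of an Out line."""
    seen_out = set()
    for r in records:
        if r["dir"] == "Out":
            seen_out.add(r["orig"])        # forwarded back out the interface
            seen_out.add(r["orig"][::-1])  # reply from the redirect target
    counts = defaultdict(int)
    for r in records:
        if r["dir"] == "In":
            counts[(r["orig"], r["new"])] += 1
    return [(orig, new, n) for (orig, new), n in counts.items()
            if new not in seen_out]

if __name__ == "__main__":
    for orig, new, n in one_way_flows(parse(SAMPLE)):
        print(f"{orig[0]} -> {orig[1]} rewritten to {new[1]}: "
              f"{n} inbound packet(s), no outbound packet logged")
```

On the sample it reports only the flow redirected to 10.0.2.12:80, seen twice inbound with nothing logged outbound.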