Date: Wed, 26 Apr 2000 11:14:47 +0100
From: Ian Hunter <Ian.Hunter@uk.uu.net>
To: "'freebsd-questions@FreeBSD.ORG'" <freebsd-questions@FreeBSD.ORG>
Subject: Setting up firewall and letting thro' special services
Message-ID: <B4757C8289AAD311852F00805FE64E2C2C669C@camexch3.cam.uk.internal>

Hi Folks,

I've managed to set up a server with a firewall and running NATD, so I'm
feeling slightly smug. Thanks to those who provided me with pointers.

However, the reason for running natd is to allow external access to an
internal service not on the FBSD box and this is not working. Could somebody
just confirm that my understanding of how this should work is correct....

My rc.conf contains the following.....

    natd_enable="YES"                           # Enable natd (if firewall_enable == YES).
    natd_interface="tun0"                       # Public interface to use with natd.
    natd_flags="-dynamic -f /etc/natd.rules"    # Additional flags for natd.

and /etc/natd.rules contains.....

    redirect_port udp <inside_machine>:<port> <port>

[<inside_machine> is a wintel box behind my FBSD machine listening on <port>]

Now, my *belief* is that when I present a request from outside to the FBSD on
<port>, natd translates the packets such as to set the destination as
<inside_machine>, the source as the fbsd machine and then presents to the
firewall which duly passes to <inside_machine>. natd somehow remembers this so
as to translate replies back to the outside.

So, I should be able to connect to this service from outside transparently.

Any comments or suggestions much appreciated

Thanks

Ian Hunter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
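
An added example, not part of the original message: a small Python model of what a single-port `redirect_port` rule does to a packet in each direction. The inbound destination is rewritten to the inside machine while the source stays the outside host, and the reply's source is rewritten back to the public address. All addresses and the port are constructed sample values standing in for `<inside_machine>` and `<port>`, and the `Redirector` class is a hypothetical model, not natd code.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport")

def parse_redirect_port(line):
    """Parse 'redirect_port proto targetIP:targetPORT aliasPORT' (single-port form only)."""
    keyword, proto, target, alias_port = line.split()
    if keyword != "redirect_port":
        raise ValueError("not a redirect_port rule")
    target_ip, target_port = target.rsplit(":", 1)
    return proto, target_ip, int(target_port), int(alias_port)

class Redirector:
    """Models only the static redirect, not natd's ordinary outbound NAT."""
    def __init__(self, public_ip, rule_line):
        self.public_ip = public_ip
        rule = parse_redirect_port(rule_line)
        self.proto, self.target_ip, self.target_port, self.alias_port = rule
        self.flows = set()  # (remote ip, remote port) pairs seen via the redirect

    def inbound(self, pkt):
        """Packet arriving on the public interface."""
        if (pkt.proto, pkt.dst, pkt.dport) != (self.proto, self.public_ip, self.alias_port):
            return pkt  # not covered by the rule, left untouched in this model
        self.flows.add((pkt.src, pkt.sport))
        # Only the destination changes; the source remains the outside host.
        return pkt._replace(dst=self.target_ip, dport=self.target_port)

    def outbound(self, pkt):
        """Packet from the inside network leaving via the public interface."""
        from_target = (pkt.proto, pkt.src, pkt.sport) == (self.proto, self.target_ip, self.target_port)
        if from_target and (pkt.dst, pkt.dport) in self.flows:
            return pkt._replace(src=self.public_ip, sport=self.alias_port)
        return pkt  # anything else is outside the scope of this model

if __name__ == "__main__":
    # Constructed sample values: public 203.0.113.1, inside 192.168.1.10, port 5000.
    nat = Redirector("203.0.113.1", "redirect_port udp 192.168.1.10:5000 5000")
    request = Packet("udp", "198.51.100.7", 40000, "203.0.113.1", 5000)
    translated = nat.inbound(request)
    reply = nat.outbound(Packet("udp", "192.168.1.10", 5000, "198.51.100.7", 40000))
    print("after inbound translation:", translated)
    print("reply on the wire:        ", reply)
```

Any filter rule evaluated after this translation sees the inbound packet addressed to the inside machine, with the outside host as its source, so a rule meant to pass the redirected traffic has to match that form of the packet.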