Date:      Thu, 21 Oct 1999 03:16:57 -0200
From:      "Julian Diego Herrera Braga" <julianherrera@uol.com.br>
To:        <freebsd-ipfw@FreeBSD.ORG>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Re: What about port redirection with ip aliasing ?
Message-ID:  <001701bf1b83$812f7520$0201a8c0@etherial>
References:  <Pine.OSF.4.10.9910202112340.18550-100000@jaguar.ir.miami.edu>



I already checked out this manpage (I always verify the manpages before
appealing to mailing lists), and I didn't find anything applicable well.
In the ppprouter.nostromo machine (the gateway) I run ppp -alias to
connect to the Internet (with tun0), connect through the tun1 device
to the ether.nostromo (the client) and finally run natd with several
configurations like :

natd -v -s -redirect_port tcp 192.168.1.2:21 6666 -redirect_address \
192.168.1.2 0.0.0.0 -n tun0

where 192.168.1.2 is ether.nostromo's IP, tun0 is the modem connection
interface to the ISP and Internet.

but when I try to telnet 200.191.20.193 6666 (where 200.191.20.193 is
the public IP number of the local gateway computer) the connection is not
made and the debug messages don't show any redirection from 200.230.180.18
(the ISP gateway) to the 192.168.1.2 on the 6666 port, only a redirection
to the local gateway IP (in this case 200.191.20.193). So, I think there is
no redirection to the ether.nostromo computer in the LAN.
Also, using the 'portscanner' program on the local gateway computer
(ppprouter) it doesn't show any new port (maybe the 6666, I think so).
So, what's wrong ? Am I forgetting anything foolish ? May I use another
program like ipfw (the local gateway is running a firewall, which every time
I run after the ppp connections and before natd) ? I'm using these ipfw
options, as shown in the natd manpage :

ipfw -f flush
ipfw add divert natd all from any to any via tun0
ipfw add pass all from any to any

Thanks in advance...

------- Original Reply Follows -------------------
> Check out the ppp manpage.  The nat port command (or alias port) should do
> what you want.  To quote:
>
>   nat port proto targetIP:targetPort[-targetPort] aliasPort[-aliasPort]
>              [remoteIP:remotePort[-remotePort]]
>              This command causes incoming proto connections to aliasPort
>              to be redirected to targetPort on targetIP. proto is either
>              ``tcp'' or ``udp''.
>
> Joe Clarke

------ Original Message Follows ------------------------

> On Wed, 20 Oct 1999, Julian Diego Herrera Braga wrote:
>
> > Hello...
> >
> > One day my computer was without available ISA slots. I installed FreeBSD but
> > the damned Winmodem doesn't work, so I had an idea to resurrect the other
> > pentium 100 computer to use its free slots to install an old 14kbps modem.
> > FreeBSD was also loaded in this computer as a gateway to the other computer
> > without modem and the internet by ip aliasing (ppp -alias). Since the
> > gateway computer doesn't have better space (170mb) and power to install some
> > other programs, I would like to use it only for a gateway. This is the small
> > LAN :
> >
> > ------------------         ----------------------
> > | ether.nostromo | serial  | ppprouter.nostromo | 14kbps  ------------
> > |   192.168.1.2  |---------|     192.168.1.1    |---------| Internet |
> > ------------------ cable   ---------------------- modem   ------------
> > P2 450Mhz                      Old Pentium 100 Mhz
> > FreeBSD 3.2                    FreeBSD 3.1
> > (ppp nullmodem)                (ppp -alias isp)
> >                                (ppp nullmodem)
> >                                natd [options]
> >
> > My problems appeared when I tried to access the client computer from
> > internet through the gateway. Such connection always finished on the
> > gateway computer. Finally, what I want to know is how can I get all
> > the gateway ports from telnetd, ftpd, httpd etc. redirected to the
> > respective client ports. Basically, is something like to make the
> > gateway computer ports invisible to the outside computers, so any
> > connection addressed to its IP will finish into the client computer
> > (ether.nostromo). Is this possible ? How ? Thank you for the attention.
> >
> > P.S.: I've used "natd -port_redirect 192.168.1.1:ftp ftp" and nothing has
> > changed. I tried some other options, but I am not sure what is the best
> > one. Is there any known natd guide on the internet for FreeBSD ?
> >
> > Regards,
> > Julian Herrera mailto:julianherrera@uol.com.br




