Date: Thu, 14 May 2009 18:34:56 +0200 From: Bernt Hansson <bernt@bah.homeip.net> To: alexus <alexus@gmail.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: ipnat port-range Message-ID: <4A0C4830.5090304@bah.homeip.net> In-Reply-To: <6ae50c2d0905131109j7d61075ao1a0b329a1b2fd122@mail.gmail.com> References: <6ae50c2d0905130958r6877114bgbea6a4f717c1287d@mail.gmail.com> <6ae50c2d0905131109j7d61075ao1a0b329a1b2fd122@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
alexus said the following on 2009-05-13 20:09: > On Wed, May 13, 2009 at 12:58 PM, alexus <alexus@gmail.com> wrote: >> i need to redirect bunch of ports, or port-range from outside to my jail >> >> # /etc/rc.d/ipnat reload >> /etc/rc.d/ipnat: DEBUG: checkyesno: ipnat_enable is set to YES. >> /etc/rc.d/ipnat: DEBUG: run_rc_command: doit: /sbin/ipnat -F -C -f >> /etc/ipnat.rules >> 0 entries flushed from NAT table >> 2 entries flushed from NAT list >> syntax error error at "port-range", line 8 >> # grep port-range /etc/ipnat.rules >> rdr bce0 0/0 port-range 49152:65534 -> lama port-range 49152:65534 tcp >> # > > that rule is wrong to begin with as rdr doesn't work with ranges, i > guess I need to use something else.. > > anyone done something like that? use ipnat to map range of ports? this > is for ftp PASV > Have you tried this? # $FreeBSD: src/share/examples/ipfilter/ipnat.conf.sample,v 1.1.34.1 2008/11/25 02:59:29 kensmith Exp $ map ed1 192.168.0.0/24 -> 192.168.1.110/32 portmap tcp/udp 40000:65000 map ed1 192.168.0.0/24 -> 192.168.1.110/32
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A0C4830.5090304>