Date: Thu, 19 Feb 2004 08:52:32 -0700 From: "Randy Grafton" <rgrafton@indatacorp.com> To: "'Stanley Chan'" <stan@cyberec.com> Cc: freebsd-questions@freebsd.org Subject: RE: redirect port Message-ID: <07ba01c3f700$6286adc0$7764a8c0@ITDept> In-Reply-To: <368CF33D.1EA0A4E1@cyberec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Stanley, If you are using natd and have recompiled your kernel with the = appropriate options then this should work for you. These are entries to your /etc/rc.conf, (just a starting point, you can = fine tune to your needs): gateway_enable=3D"YES" firewall_enable=3D"YES" firewall_type=3D"OPEN" firewall_quiet=3D"YES" firewall_logging=3D"YES" natd_enable=3D"YES" natd_interface=3D"fxp0" natd_flags=3D"-f /etc/natd.conf" In the above statement natd_interface=3D"fxp0", fxp0 is the outside nic = of your system. Next put these statements in your /etc/natd.conf file as referenced = above, (natd.conf doesn't exist by default, you'll create it): same_ports yes dynamic yes redirect_port tcp inside_address:port outside_address:port redirect_port udp inside_address:port outside_address:port As shown above, don't forget to redirect udp traffic if the service = you're trying to facilitate needs it. Also know that the ports for the inside = and the outside don't have to match. For example, my service provider blocks http/port 80 traffic coming in to my connection so my statement in the natd.conf file would be something like: redirect_port 192.168.1.10:80 outside_address:8080 By doing so outside connectivity attempts to my isp assigned address = have to be stated as: http://outside_address:8080. FYI if you ever want to host gaming sessions on an inside system like Counter strike or Unreal Tournament, then put a couple of lines like = these in your natd.conf file, (these examples are ones that I used so that my buddies and I could blast away in Unreal Tournament): redirect_port tcp inside_address:7777-7781 outside_address:7777-7781 redirect_port udp inside_address:7777-7781 outside_address:7777-7781 As you make these changes you can apply them without restarting by = running /etc/netstart. Hope that helps. -Randy -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Stanley Chan Sent: Friday, January 01, 1999 9:10 AM To: questions@FreeBSD.org Subject: redirect port Dear Friends, The example in the NAT documents is sufficient, can anyone tell me how = to redirect ports in the NAT machine. How to put the following command in = the rc.conf ? I want to use one of the amchine behind the NAT to run web = server. -redirect_port tcp 192.168.0.2:6667 6667 -redirect_port tcp 192.168.0.3:80 80 Thanks Sanley _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?07ba01c3f700$6286adc0$7764a8c0>