From owner-freebsd-questions Thu Oct 10 14:31:42 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BCC3B37B406 for ; Thu, 10 Oct 2002 14:31:39 -0700 (PDT) Received: from skywalker.rogness.net (skywalker.rogness.net [64.251.173.102]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1C81743EB7 for ; Thu, 10 Oct 2002 14:31:39 -0700 (PDT) (envelope-from nick@rogness.net) Received: from skywalker.rogness.net (localhost [127.0.0.1]) by skywalker.rogness.net (8.12.5/8.12.5) with ESMTP id g9ALZd0H003080; Thu, 10 Oct 2002 15:35:39 -0600 (MDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by skywalker.rogness.net (8.12.5/8.12.5/Submit) with ESMTP id g9ALZXXL003077; Thu, 10 Oct 2002 15:35:39 -0600 (MDT) X-Authentication-Warning: skywalker.rogness.net: nick owned process doing -bs Date: Thu, 10 Oct 2002 15:35:31 -0600 (MDT) From: Nick Rogness To: wolf Cc: Marc Hunter , Subject: Re: ipfw and natd during internal to internal access ... In-Reply-To: <3DA5EF8D.6040108@hq.dyns.cx> Message-ID: <20021010152806.D2374-100000@skywalker.rogness.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 10 Oct 2002, wolf wrote: > You might try freebsd-hackers or freebsd-stable mailing lists. They are > more technically oriented for things like this. Um, no don't send this to hackers or stable. That is not their focus. This type of question is a newbie question and belongs on this list. This question gets asked probably once a month or so...maybe needs to be added to someone's FAQ I suppose. Besides, they will probably tell you the same thing that was mentioned below. > > Nick Rogness wrote: > > > On Thu, 10 Oct 2002, Marc Hunter wrote: > > > > > >>Hi, > >> > >>We have just implemented an ipfw and natd firewall and generally it > >>works great. We are using natd for traffic going out and to redirect > >>outside traffic on port 80 to a particular webserver. However, when a > >>machine within the network attempts to access the web server through its > >>external address (using the domain name for instance) it doesn't work. > >> > >>Is there some special trick to deal with this? > >> > > > > Yeh, run an internal DNS server which resolves the site > > differently on the inside of your network to the internal address. > > > > Any other workaround is considered shitty by most people, like: > > > > ipfw divert natd all from any to any via $outside_int > > ipfw divert natd all from any to any via $inside_int > > > > However, this would probably work [not sure]. > > > > Nick Rogness > > - WARNING TO ALL PERSONNEL: > > Firings will continue until morale improves. > > > Nick Rogness - WARNING TO ALL PERSONNEL: Firings will continue until morale improves. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message