From owner-freebsd-questions@FreeBSD.ORG Wed Jul 13 06:05:41 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F2024106564A for ; Wed, 13 Jul 2011 06:05:41 +0000 (UTC) (envelope-from btillman99@yahoo.com) Received: from nm14.bullet.mail.ac4.yahoo.com (nm14.bullet.mail.ac4.yahoo.com [98.139.52.211]) by mx1.freebsd.org (Postfix) with SMTP id 982428FC12 for ; Wed, 13 Jul 2011 06:05:41 +0000 (UTC) Received: from [98.139.52.195] by nm14.bullet.mail.ac4.yahoo.com with NNFMP; 13 Jul 2011 06:05:40 -0000 Received: from [98.139.52.151] by tm8.bullet.mail.ac4.yahoo.com with NNFMP; 13 Jul 2011 06:05:40 -0000 Received: from [127.0.0.1] by omp1034.mail.ac4.yahoo.com with NNFMP; 13 Jul 2011 06:05:40 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 724342.59393.bm@omp1034.mail.ac4.yahoo.com Received: (qmail 35195 invoked by uid 60001); 13 Jul 2011 06:05:40 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1310537140; bh=MxpMJv2e3J3KD9Gg+Nc36ntNgSTy0OgUg6tWgTPNo1o=; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=q1CNQ1i8wEO8xVFPg4fKp0jB59AMl3s1z9wUG3IDvjKHRpBqmKXn7R45HlR+6vfBdhc4LAGdVr63FwOt4RImcpa/B88C0MZvCd4a2iKdC/Bek+d0Eor8zqncsB172/Aq3N1spcXMFNU49vlPjKInMEyKcUeLpWXqW2bqsIvCSfI= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=6MsO747Vd4OR10ki6NSW1BohxbavcgKOsETjth9O/wO67uyWncrRl+XPb477GEV3XRd+JCT7VKPDwBez9c5vnBuhH9RRh0fXhUGdyXN/wkOheKnI/l7iIkxagTEhkfMMiWtA5HV5yJ6Ie/VIQRRBQdg3QnOwLOLd8vPAB6YwEiU=; X-YMail-OSG: 9wmOP0oVM1mpyvUO27pph6X1NxdfTNq9xo_WESL1Oyt_mEb Tib7M_chK9tggzQWNiJsndwl7vB25eia.RXKSU1YyA49Kp5g5YTRDUG_XE_X 4nGw7B6t8YiJ.8eHBJ.1iOTllqll7da1fBOw5QggkwpDEgBpP015vaF.YPf6 m3OydmfvoXn4qvmP2p1.LzDfGL_mE36.ua7wAJouWdhkmoVybF0akrR.9jPV _ydZj03LevOVoihMKtBybyDPlYhOsptKus0SiXVUn.S6pCxqPMwG1MrvscYH N7eK95JtzAQlxqIJyJys1nXwPGN61VMHOeI3RSp.zag6k43_g2heY4zW1OyK GADIqso7OXcvMjZ_3a7akKEiBsv_Ht_ROOzqZadpFCqPTzfCre6c2k2mjMr1 Oc7kaGblSciS5Ey0TdwvAqUjwBinQcbtRX5FBxWMUTECo7rYyTtXij6wxxhF ySRTQOlUzNVSKfm2WKDdTN.NTxko- Received: from [76.108.201.66] by web36506.mail.mud.yahoo.com via HTTP; Tue, 12 Jul 2011 23:05:40 PDT X-Mailer: YahooMailRC/572 YahooMailWebService/0.8.112.307740 References: <20110711170729.GG6611@dan.emsphone.com> <1310473165.58370.YahooMailRC@web36501.mail.mud.yahoo.com> <20110712160304.GI6611@dan.emsphone.com> Message-ID: <1310537140.18043.YahooMailRC@web36506.mail.mud.yahoo.com> Date: Tue, 12 Jul 2011 23:05:40 -0700 (PDT) From: Bill Tillman To: freebsd-questions@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: IPFW Firewall NAT inbound port-redirect X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Jul 2011 06:05:42 -0000 =0A=0A=0A=0A=0A________________________________=0AFrom: Michael Sierchio =0ATo: Dan Nelson =0ACc: Bill Ti= llman ; freebsd-questions@freebsd.org=0ASent: Tue, Ju= ly 12, 2011 6:35:19 PM=0ASubject: Re: IPFW Firewall NAT inbound port-redire= ct=0A=0AWe're not talking about natd.=A0 The question was about the use of = ipfirewall nat.=0A=0AOn Tue, Jul 12, 2011 at 9:03 AM, Dan Nelson wrote:=0A> In the last episode (Jul 12), Michael Sierchio s= aid:=0A>> Is there a way of specifying a particular public address if there= is=0A>> more than one bound to the external interface? =A0A la=0A>>=0A>> n= at 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 =0A>>10= 2.10.22.1:2222=0A>=0A> Yes; the redirect_port syntax is described in the na= td manpage:=0A>=0A> =A0 =A0 redirect_port proto targetIP:targetPORT[-target= PORT]=0A> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 [aliasIP:]aliasPORT[-aliasPORT]= =0A> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 [remoteIP[:remotePORT[-remotePORT]]]= =0A>=0A>=0A>=0A> --=0A> =A0 =A0 =A0 =A0Dan Nelson=0A> =A0 =A0 =A0 =A0dnelso= n@allantgroup.com=0A> _______________________________________________=0A> f= reebsd-questions@freebsd.org mailing list=0A> http://lists.freebsd.org/mail= man/listinfo/freebsd-questions=0A> To unsubscribe, send any mail to "freebs= d-questions-unsubscribe@freebsd.org"=0A>=0A________________________________= _______________=0Afreebsd-questions@freebsd.org mailing list=0Ahttp://lists= .freebsd.org/mailman/listinfo/freebsd-questions=0ATo unsubscribe, send any = mail to "freebsd-questions-unsubscribe@freebsd.org"=0A=0A=0ANATD and IPFW w= ork together. It's a little hard to explain in this format so as =0ADan sug= gests, you should read the manpage on each. Also, do some google searches = =0Aand you will find many helpful articles. But take my word for this, you = can do =0Aexactly what you want with IPFW+NATD. There are those who will pr= obably promote =0APF as the firewall of choice as well. It all depends on w= hat you become familiar =0Awith.