Date: Tue, 9 Sep 2003 17:50:56 -0400 From: "Dennis B. Hopp" <dhopp@coreps.com> To: "'Thomas Dwyer'" <tom@dwyers.ca>, <freebsd-ipfw@freebsd.org> Subject: RE: ipfw - natd - Port Forwarding Message-ID: <000601c3771c$75a62c00$0201a8c0@dennis> In-Reply-To: <000a01c37711$872b0a00$020010ac@protechnologies>
next in thread | previous in thread | raw e-mail | index | archive | help
Your firewall rules need to let it through too....I think something like this should work (it needs to go after the ipdivert statement) 00501 allow tcp from any to 192.168.0.1 27015 in recv fxp0 keep-state --Dennis -----Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Thomas Dwyer Sent: Tuesday, September 09, 2003 4:33 PM To: freebsd-ipfw@freebsd.org Subject: ipfw - natd - Port Forwarding Hello; I'm having a problem getting port forwarding working with FreeBSD 4.8. I have the following options compiled in the kernel: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=15 options IPDIVERT options IPFIREWALL_DEFAULT_TO_ACCEPT My ipfw config is: 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00500 divert 8668 ip from any to any via fxp0 65535 allow ip from any to any The applicable options I have specified in rc.conf are: firewall_enable="YES" gateway_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/natd.conf" And in the natd.conf file I have: log yes interface fxp0 use_sockets yes same_ports yes redirect_port tcp 192.168.0.1:27015 27015 The workstation 192.168.0.1 is a Windows 2000 machine. The default gateway is the internal IP address of the firewall which is 192.168.0.254 All internet browsing, tracert, ping etc works from the Windows 2000 machine out to the internet. I have telnet server running on the windows 2000 machine listening on port 27015. I can telnet to it from another workstation on the LAN as well as from the firewall directly through the LAN interface. When I try it from an outside source it looks like traffic is arriving at the Windows 2000 machine (the little computer screens for the LAN connection flash on the tray icon) but the connection doesn't complete and it times out. Help! Tom _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000601c3771c$75a62c00$0201a8c0>