From owner-freebsd-security Wed Jan 26 16: 6:42 2000 Delivered-To: freebsd-security@freebsd.org Received: from relay.nuxi.com (nuxi.cs.ucdavis.edu [169.237.7.38]) by hub.freebsd.org (Postfix) with ESMTP id 9A1FD1548B for ; Wed, 26 Jan 2000 16:06:39 -0800 (PST) (envelope-from lam@NUXI.com) Received: from localhost (lam@localhost) by relay.nuxi.com (8.9.3/8.9.3) with SMTP id QAA34841 for ; Wed, 26 Jan 2000 16:06:39 -0800 (PST) (envelope-from lam@relay.nuxi.com) Date: Wed, 26 Jan 2000 16:06:39 -0800 (PST) From: lam To: freebsd-security@freebsd.org Subject: poke a hole through a wall Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Group, I posted this question in questions@freebsd.org with no results. I hope I can find an annswer here. This is not a pure security question, but it might be a security realted issue. If it's not, I apologize in advance. Goal: poke a hole throught the firewall. (?) The original setup: An incoming ISDN is going into a 700 Cisco router; connecting an NT workstation to my roomate's company (as a dhcp client). Among normal usage (webpage, wp, mail) that NT is also connecting to the company sun servers with a X client or server (X reflection), for debuging/developing. The improved setup: An 486 with 2 nics, one is connecting with the cisco router as a dhcp client, the other nic is connecting with internal systems (the original NT, a FreeBSD system, and more in the future). So far, things seem ok with one exception. The problem: The NT X Reflection (X client/server) is not working. If I connect the NT directly to the Cisco router, there is no problem. As soon as I connect my 486 router, it won't start up the (client?) application. The tries and errors?: 1. Adding "use_sockets yes" and "same_ports yes" in /etc/natd.conf 2. Adding "natd_flags=-dynamic -redirect_ports tcp target_ip:6000-6063 6000-6063", this is a guess: I looked at /etc/services and those ranges seem logical. 3. in tcpdump, I can't see those ports in demand at all. All I see are telnet ports. Any sugestions are more than welcome. Any pointers to the docs, anything at all. Thanks for reading. ---Lam Nguyen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message