Date: Fri, 28 Sep 2001 22:13:09 -0500 (CDT) From: Nick Rogness <nick@rogness.net> To: Bryce Newall <data@dreamhaven.org> Cc: FreeBSD Questions List <freebsd-questions@FreeBSD.ORG> Subject: Re: Natd/ipfw/redirect issue Message-ID: <Pine.BSF.4.21.0109282211190.76693-100000@cody.jharris.com> In-Reply-To: <Pine.BSF.4.33.0109281948380.580-100000@ds9.dreamhaven.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 28 Sep 2001, Bryce Newall wrote: [snip] > > The rule I added was: > > ipfw add fwd 192.168.1.201,25 tcp from any to <external.ip.address> 25 > > I'm assuming I have the syntax correct, i.e. "forward anything > destined for <external.ip.address> on port 25 to 192.168.1.201 on port > 25". I even tried adding "via xl1" (xl1 = the internal interface on > the FreeBSD firewall), but still no luck. I had hoped that such an > ipfw rule would allow both internal machines to reach the mail server > properly, *and* allow external machines to reach it. With just the > ipfw rule in place, no machines could reach it at all. Using natd, > external machines could reach it, but not internal ones. NO! You want to use the redirect_port option to natd NOT IPFW FWD!!! man natd Nick Rogness <nick@rogness.net> - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0109282211190.76693-100000>