From owner-freebsd-questions Sat Feb 23 8:31:32 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from hotmail.com (oe71.law10.hotmail.com [64.4.14.206]) by hub.freebsd.org (Postfix) with ESMTP id 2AC7637B400 for ; Sat, 23 Feb 2002 08:31:30 -0800 (PST)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 23 Feb 2002 08:31:30 -0800
X-Originating-IP: [24.201.83.93]
From: "Sandro Mancuso"
To: "'Pascal Poschenrieder'" ,
Subject: RE: Question about Port Forwarding
Date: Sat, 23 Feb 2002 11:31:35 -0500
Message-ID: <001401c1bc87$8f5e8df0$6400a8c0@windows>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2616
In-Reply-To: <000001c1bc5e$b0c988b0$0100000a@DOCMOD>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-OriginalArrivalTime: 23 Feb 2002 16:31:30.0118 (UTC) FILETIME=[8C28DE60:01C1BC87]
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

The easiest way to do so is by using ipnat. And ipfilter imho. (I'm a newbie, I managed to get it running after only a week of trial and error. It's got to be easy ;-) Check out www.obfuscation.org/ipf for an *excellent* whitepaper on that topic.

What you need to do is create a file, generally ipnat.rules, and run that using ipnat (I believe it would be "ipnat -f /etc/ipnat.rules"), and that will forward all specified ports in that file to the machine on the internal network you specify.

Assuming you already use ipnat now, all you have to add to the ipnat.rules file are rdr rules:

rdr xl0 ext.ip.add.ress/32 port xx -> 10.0.0.2 port xx

Note that to the best of my knowledge, using a port range here, i.e. port 1000 >< 2000 for example, won't work. I've never used it though, so you might as well try.
Furthermore, in case it may be of interest to you, the two port numbers do not have to be the same. You can make a rule that would translate a service run internally on port 40000 to the "correct" port on the outside, say port 22 for ssh or something.

Hope this helps, good luck.

Here's a list of great sites to help you with this (just ignore the whole firewall part for your case). All of them mention predominantly IPFILTER, but each has to mention ipnat because the two work hand in hand.

http://www.schlacter.net:8500/public/FreeBSD-STABLE_and_IPFILTER.html
http://www.muine.org/~hoang/freenat.html
http://www.freebsd-howto.com/HOWTO/
http://pcunix.com/Security/ipfilter.html

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of Pascal Poschenrieder
Sent: February 23, 2002 6:39 AM
To: freebsd-questions@FreeBSD.ORG
Subject: Question about Port Forwarding

Dear FreeBSD Team!

I've got an old Computer with FreeBSD as its OS. This Computer is connected to the internet. It is a DSL connection. The Computer has the function of a router and it works. But there is just one problem: I want to forward every port to my other computer, which is on 10.0.0.2, but I can't imagine how to do this. It is FreeBSD version 4.3. Please help me!!

THX, Pascal.
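
The rdr rules described in the reply above, written out as a small rules file. This is an added example, not part of the original message: xl0 and 10.0.0.2 are taken from the thread, while 203.0.113.10 is a constructed stand-in for the router's external address and the forwarded services are assumptions.

```conf
# /etc/ipnat.rules (added example, not from the original thread)
# xl0          external interface named in the thread
# 10.0.0.2     internal machine named in the thread
# 203.0.113.10 constructed documentation address for the external IP

# One rdr rule per service that should be reachable from outside.
# The protocol keyword goes last; when it is omitted ipnat assumes tcp,
# so UDP services need it spelled out.
rdr xl0 203.0.113.10/32 port 80 -> 10.0.0.2 port 80 tcp
rdr xl0 203.0.113.10/32 port 53 -> 10.0.0.2 port 53 udp

# External and internal ports may differ: connections to port 22 on the
# router are handed to a daemon listening on port 40000 on 10.0.0.2.
rdr xl0 203.0.113.10/32 port 22 -> 10.0.0.2 port 40000 tcp

# Load the file, clearing old rules (-C) and active mappings (-F) first:
#   ipnat -CF -f /etc/ipnat.rules
# List what is loaded and which sessions are currently translated:
#   ipnat -l

# If ipfilter is also filtering on xl0: inbound packets are redirected
# before they are filtered, so the pass rule in ipf.conf has to name the
# translated address and port, for example:
#   pass in quick on xl0 proto tcp from any to 10.0.0.2 port = 40000 flags S keep state
```

Only the ports listed in rdr rules reach 10.0.0.2; everything else arriving on xl0 still terminates at the router.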