Date: Tue, 23 Feb 1999 22:35:31 -0800 (PST)
From: "Joseph M. Scott"
To: "Abraham J. Stephens"
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: natd question

On Tue, 23 Feb 1999, Abraham J. Stephens wrote:

> I have a sun box sitting on a private network (10.0.0.0) I would like to 1)
> be able to access the rest of the world from that box, and 2) be able to
> access specific ports on that box from the rest of the world. (I need to run
> a mail, pop3, and web server on the sun.)

Ok, this makes sense.....

>
> If I have the following configuration on the freebsd box (running 2.2.5):
> ed0: 205.181.13.180
> ed1: 10.0.0.8
>
> and ipfw:
> 300 divert 6668 ip from any to any via ed0
> 400 divert 6668 ip from any to any via ed1

Here's where I started wondering why..... it's been a while but you
should only have to use divert once. Check out the man page for natd, it
gives a basic setup.
You may also want to check out: http://www.dvl-software.com/freebsd/natd.htm

> 500 allow ip from any to any
>
> Then if I execute the command
> natd -same_ports -use_sockets -interface ed0 -redirect_address 10.0.0.8
> 0.0.0.0
>
> I am able to access the rest of the 205.181.13.0 network from the sun box
> sitting on the 10.0.0.0 network.
>
> Also if instead I execute:
>
> natd -same_ports -use_sockets -interface ed1 -redirect_port tcp 10.0.0.6:80 \
> 205.181.13.180:80
>
> (the sun's ip address is 10.0.0.6)
> I am able to connect to the web server on the sun via 205.181.13.180:80.
>
> I'd like to be able to do both at the same time. Is this possible? If so how
> can I go about doing it- I've been taking shots in the dark up to this
> point. I've attempted to run two copies of natd- using two firewall rules to
> divert ed0 traffic to a natd on 6668 and ed1 traffic to a natd on 6669, but
> this did not accomplish anything.

If I'm remembering everything correctly the answer is yes you can
do both at the same time, running natd only once. I believe the problem
is coming from trying to divert twice.

>
> -Thanks for any help,
>
>
> Abraham J. Stephens
> MMime v.3 -- Email from anywhere!
>
>

* Joseph M. Scott * jmscott@ainet.com * American InfoMetrics * Modesto, CA
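
An added example, not part of the original message: a dry-run script that prints a single natd invocation and a single divert rule covering both the outbound NAT and the inbound mail, POP3 and web redirects asked about above. The interface, addresses, rule numbers and divert port 6668 are the values quoted in the thread; the function names and the APPLY switch are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Interface, addresses, rule numbers and
# divert port 6668 are the values quoted in the question; adjust for your site.
EXT_IF=${EXT_IF:-ed0}                 # outside interface (205.181.13.180)
INSIDE_HOST=${INSIDE_HOST:-10.0.0.6}  # the Sun on the private network
DIVERT_PORT=${DIVERT_PORT:-6668}      # must match between ipfw and natd
SERVICES=${SERVICES:-"25 110 80"}     # smtp, pop3, http: the only ports exposed

# Accept only a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

# One natd process: -interface aliases outbound traffic from 10.0.0.0, and each
# -redirect_port maps a port on the outside address to the inside host.
natd_cmd() {
    cmd="natd -port $DIVERT_PORT -interface $EXT_IF -same_ports -use_sockets"
    for p in $SERVICES; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 1; }
        cmd="$cmd -redirect_port tcp $INSIDE_HOST:$p $p"
    done
    echo "$cmd"
}

# One divert rule, on the outside interface only; rule 500 is unchanged from
# the thread and leaves the packet filter itself wide open.
ipfw_rules() {
    echo "ipfw add 300 divert $DIVERT_PORT ip from any to any via $EXT_IF"
    echo "ipfw add 500 allow ip from any to any"
}

# natd first, so the divert socket has a listener before rule 300 exists.
plan() { natd_cmd && ipfw_rules; }

# Dry run by default: print the commands. APPLY=1 (hypothetical switch) runs
# them, and only if the whole plan was built without error.
cmds=$(plan) || exit 1
if [ "${APPLY:-0}" = 1 ]; then
    echo "$cmds" | sh -x
else
    echo "$cmds"
fi
```

Only the ports listed in SERVICES are forwarded to the inside host, so the list doubles as the inventory of what the private machine exposes to the outside network.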