Date: Tue, 22 Dec 2009 19:55:00 +0300 (MSK) From: "Igor V. Ruzanov" <igorr@canmos.ru> To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru> Cc: Tiago <tscolari@gmail.com>, freebsd-questions@freebsd.org Subject: Re: Help with ipfw please Message-ID: <Pine.LNX.4.64.0912221944060.24683@sta1.canmos.ru> In-Reply-To: <1265047402.20091222182427@yandex.ru> References: <614b39480912220459l378faa15ufa7514ce2c1d5825@mail.gmail.com> <1265047402.20091222182427@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --1800997756-74253553-1261500900=:24683 Content-Type: TEXT/PLAIN; charset=koi8-r Content-Transfer-Encoding: QUOTED-PRINTABLE -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 22 Dec 2009, =EB=CF=CE=D8=CB=CF=D7 =E5=D7=C7=C5=CE=C9=CA wrote: |=FA=C4=D2=C1=D7=D3=D4=D7=D5=CA=D4=C5, Tiago. | |=F7=D9 =D0=C9=D3=C1=CC=C9 22 =C4=C5=CB=C1=C2=D2=D1 2009 =C7., 14:59:50: | |T> Im trying to add a basic rule in my ipfw. |T> My server has 2 network address, one for external access (x.x.x.x) and = other |T> for the local network(y.y.y.y). |T> The mysql is binded to the local network, but I would like to allow my = home |T> computer (z.z.z.z) to connect to the mysql by the external ip. |T> so basicaly im trying to do is: if request comes from z.z.z.z to |T> y.y.y.y:3306 redirect to x.x.x.x:3306 |T> I tryed some configuration but I ended locked outside the machine... | |You need -redirect_port |man natd: Also it could be done at kernel-level with ipnat. Simple rule doing=20 something like DNAT looks like (/etc/ipnat.conf): rdr <input_if_name> z.z.z.z port 3306 -> x.x.x.x port 3306 tcp After when /etc/ipnat.conf is prepared, say ipnat -f /etc/ipnat.conf and=20 see active sessions with ipnat -l. Good luck. +-------------------------------------------+ ! CANMOS ISP Network ! +-------------------------------------------+ ! Best regards ! ! Igor V. Ruzanov, network operational staff! ! e-Mail: igorr@canmos.ru ! +-------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFLMPnnbt6QiUlK9twRAi2SAJ9FW9gdsHFBM6ZVrZhuIrPur7jdXACff/7z qe3vBcSjtevHsD5wKaJRVSg=3D =3DBIyk -----END PGP SIGNATURE----- --1800997756-74253553-1261500900=:24683--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.64.0912221944060.24683>