Date: Sun, 23 Apr 2000 14:24:47 -0400 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: Alfred Perlstein <bright@wintelcom.net> Cc: Ron Smith <ronnetron@hotmail.com>, freebsd-security@FreeBSD.ORG Subject: Re: Using proxys with ipfw Message-ID: <20000423142447.E70371@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <20000421114110.D10782@fw.wintelcom.net>; from bright@wintelcom.net on Fri, Apr 21, 2000 at 11:41:10AM -0700 References: <20000421175830.78962.qmail@hotmail.com> <20000421114110.D10782@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 21, 2000 at 11:41:10AM -0700, Alfred Perlstein wrote: > * Ron Smith <ronnetron@hotmail.com> [000421 11:28] wrote: > > Hello All, > > > > I'm trying to determine if it's possible to implement smtp/pop, ftp, and www > > proxys with ipfw rules in place. If it is possible, which proxy software > > would be the best to use. I have a dual-homed gateway with ipfw rules in > > place. Everything works great , but I only have access to and from the > > Internet with NAT, at this point. I would like to add the ability to access > > a mail server behind a firewall from the outside world. I would also like to > > do the same for www and ftp services as well. Any pointers? > > I'm pretty sure both ipfw and natd offer a "forward port" option, > just check out the docs, it should be there. I would try the ipfw > stuff first as it's probably more effecient. No. The 'forward' in ipfw(8) is not meant to be used in this way. Since the original poster seems to be already using natd(8), have a look at 'redirect_port' on the natd(8) manpage. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000423142447.E70371>