Date: Sun, 20 Aug 2000 16:41:37 GMT From: "Ian Hunter" <ihunter@hotmail.com> To: freebsd-questions@FreeBSD.ORG Subject: NATD rules ignored, Faking the outside & bpfilter with Samba Message-ID: <LAW-F145uylJc0xvlUQ0000164f@hotmail.com>
next in thread | raw e-mail | index | archive | help
[Sorry about the wierd title - but will explain!]
Hi Folks,
I'm trying to set up VNC for access from outside my network. I'm using
ipfw/natd on a pure FBSD box to talk to an internal WinTel box. However, I
can't connect.
After much trial & error & head scratches, I've deduced that my natd rules
are being ignored. I've set up the simplest config files I could and they
are below, together with natd verbose output. Any suggestions much
appreciated!
The other parts of the subject? Well on my travels it would have been nice
to have faked an outside connecting client (ie a connection coming in
through tun0). Is there a way of doing this?
AND
I tried to get bpfilter working, and managed. But samba just wouldn't work.
Again any suggestions appreciated.
==================================================================
[I think I've given all necessary info...please let me know if I should give
more]
Working with FreeBSD 3.1 RELEASE off a CD
rc.firewall
-----------
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via tun0
/sbin/ipfw add pass log all from any to any
natd.conf
---------
interface tun0
dynamic yes
redirect_port tcp <INTERNAL_IP>:5800 5800
redirect_port tcp <INTERNAL_IP>:5900 5900
natd log
--------
In [TCP] <EXTERNAL_IP>:1027 -> <IFACE_IP>:5800 aliased to
<EXTERNAL_IP>:1027 -> <IFACE_IP>:5800
Out [TCP] <IFACE_IP>:5800 -> <EXTERNAL_IP>:1027 aliased to
<IFACE_IP>:5800 -> <EXTERNAL_IP>:1027
[No ref. to <INTERNAL_IP> at all!]
My rules seem to be being ignored.
Any suggestions, gratefully recieved.
Many Thanks
Ian Hunter
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?LAW-F145uylJc0xvlUQ0000164f>