Date:      Wed, 13 Mar 2002 11:39:48 -0500 (EST)
From:      alan@quay.net (Alan McKay)
To:        freebsd-questions@freebsd.org
Subject:   ipfw/pppoe/nat trouble
Message-ID:  <20020313163949.11A2B5D4A@victory.quay.net>


So should I give up on PPP's native NAT and switch to NATD?
Anyone know what could be up here?

thanks,
-Alan


Folks,

I'm using FreeBSD 4.5 RELEASE for my firewall, and using its native ppp
to manage my PPPoE connection.  When doing this, one uses ppp's native
NAT, and not natd.

I have a web cam running on port 80 of a private PC at home, and want to
forward that out to some obscure port on the firewall.  Let's just say for
the sake of argument port 4711.

My firewall (ipfw) rules include :
allow tcp from any to <my-external-IP> 4711 setup

I have the same rule on port 80 for the apache server running on the
firewall, and it works.  The above rule I have right beside my port 80
rule in the this. However, when I try to hit port 4711 from outside,
and do an "ipfw show", it drops right through that rule to about 5 rules
below where I deny all connections from outside (after allowing the few
that I want to allow).

So I never get to try to see if my NAT rules are correct.  In my
/etc/ppp/ppp.conf file I have (among other things) :

 nat enable yes
 nat log yes
 nat target MYADDR
 nat port tcp <private-ip-of-webcam-PC>:80 4711

Any ideas why my firewall rule is not allowing the 4711 connection?
I'm stumped!

Are there any good examples of using PPPoE's NAT in combo with ipfw
to port-forward to something on the private side?

cheers,
-Alan


