From owner-freebsd-isp Tue Feb 22 12:15:17 2000 Delivered-To: freebsd-isp@freebsd.org Received: from richard2.pil.net (richard2.pil.net [207.8.164.9]) by hub.freebsd.org (Postfix) with SMTP id E355137B759 for ; Tue, 22 Feb 2000 12:15:02 -0800 (PST) (envelope-from up@3.am) Received: (qmail 33583 invoked by uid 1825); 22 Feb 2000 20:14:54 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 22 Feb 2000 20:14:54 -0000 Date: Tue, 22 Feb 2000 15:14:54 -0500 (EST) From: X-Sender: up@richard2.pil.net To: Hugh Blandford Cc: FreeBSD ISP List Subject: Re: NAT port redirection question In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 23 Feb 2000, Hugh Blandford wrote: > I take it that they are using user ppp through the tun device. I don't > know what version of FBSD you are using, but I believe you will want to > use ppp's NAT. If you have a look in man ppp there are various options to Let me clarify: We already have them running NAT with user ppp just fine, I just want to add a static port map to an internal printer on port 35. I found the commands to do so in the nat man(8) man pages, but I'm a little unclear about where/how to invoke it (FBSD 3.2-RELEASE) If you read my post again, you'll see that I put: natd_flags="-redirect_port tcp 10.0.0.133:35 35" in rc.conf after the invocation of nat and the interface info. I just wanted to make sure this is where it goes, and that I haven't missed anything. Thanks again! > do with nat. I believe you will need to be running 3.x and above to have > this in by default. Otherwise go and grab the sources that are mentioned > at http://www.awfulhak.org/ppp.html > > On Tue, 22 Feb 2000 up@3.am wrote: > > > > > I have a dedicated dialup customer who I set up a FBSD box running user > > ppp and natd on tun0, and it's been working better than any appliance I > > could imagine; Win95 boxes on the same LAN seem to browse the web faster > > than they do directly over DUN. > > > > However, they now want one of their Ether printers to be accessible from > > the Internet, so I'm trying to set up a static port map, or redirection. > > I checked out natd(8) and the command looks pretty simple, it's just a > > question or where natd is invoked. I tried this in an rc.firewall file, > > which wouldn't work: > > > > /sbin/ipfw -f flush > > /sbin/ipfw add divert natd -redirect_port tcp 10.0.0.133:35 35 \ > > all from any to any via tun0 > > /sbin/ipfw add pass all from any to any > > > > So, I went back to: > > > > /sbin/ipfw -f flush > > /sbin/ipfw add divert natd all from any to any via tun0 > > /sbin/ipfw add pass all from any to any > > > > then, in rc.conf, tried: > > > > natd_enable="YES" > > natd_interface="tun0" > > natd_flags="-redirect_port tcp 10.0.0.133:35 35" > > > > I didn't get any errors, but it doesn't appear to be working, either (I > > have the customer calling the printer vendor to make sure they have the > > printer's gateway settings correct right now). > > > > Before I pull any more hairs out, I just want to make sure I'm not missing > > anything. > > > > TIA! > > > > James Smallacombe PlantageNet, Inc. CEO and Janitor > > up@3.am http://3.am > > ========================================================================= > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am ========================================================================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message