Date: Sun, 31 Aug 2008 16:31:19 +0200
From: "Marin Bek" <marin.bek@gmail.com>
To: freebsd-net@freebsd.org
Subject: 7.0 ipfw nat confusion
Message-ID: <fb792cce0808310731va4ea568gc9f4d3ba80032705@mail.gmail.com>

Hello,

I've been using ipfw + natd successfully before, but now have problems using the implemented nat functionality, though I find it a great improvement.

Simply NAT-ing the internal network to external is working flawlessly by just:

    ipfw nat 1 config if $extern
    ipfw add 100 nat 1 log ip from any to any

But when I add some redirect_port to the configuration, it doesn't work. External->internal translation fails (tcpdump unreachable...). The command is accepted, general NAT works fine, but ports are not forwarded.

So, I did the following:

    ipfw nat 1 config if $internal redirect_port tcp 192.168.5.2:5000 5000 redirect_port udp 192.168.5.2:5000 5000

where 192.168.5.X is the internal network, and $internal the NIC connected to this interface.

Starting a simple tcp/udp application on one of the internal clients (5.2) on port 5000, and testing it on that computer is successful. But when I attempt to connect to the service via 5.1 (the router internal IP) - no luck. tcpdump-ing gives

    "192.168.5.1 > 192.168.5.2: ICMP 192.168.5.1 udp port 5000 unreachable"

Am I missing something? Should I add some extra rules to the ipfw (it is set to allow_all)? A similar setup worked fine with natd+ipfw.

Thanks...