Date: Fri, 25 Aug 2000 20:27:29 -0400 (EDT)
From: Thomas David Rivers <rivers@dignus.com>
To: freebsd-stable@freebsd.org
Subject: natd & redirect with 4.1-RELEASE?
Message-ID: <200008260027.UAA91074@lakes.dignus.com>

I'm trying to move a venerable 3.1-RELEASE gateway to 4.1-RELEASE,
but I'm having a bit of a problem with natd & port redirection.

The firewall type is `open', and I have the following
options in the kernel:

    #
    # IP options
    #
    options MROUTING            # Multicast routing
    options IPFIREWALL          #firewall
    options IPFIREWALL_FORWARD  #enable transparent proxy support
    options IPDIVERT            #divert sockets

/etc/rc.conf looks like:

    firewall_enable="YES"
    firewall_type=open
    #
    # enable natd - set the interface & flags to forward packets
    # appropriately.
    #
    natd_enable="YES"
    natd_interface="xl0"
    natd_flags="-l -m -u -redirect_port tcp 10.0.0.11:telnet 6666 -redirect_port udp 10.0.0.11:telnet 6666"

This worked just fantastic with 3.1-RELEASE; but I can't seem to get
it to work for 4.1-RELEASE. When you try to telnet to the gateway
at port 6666, it just sits there...

I've verified that the ipfw rules appear correct:

    # ipfw list
    00050 divert 8668 ip from any to any via xl0
    00100 allow ip from any to any via lo0
    00200 deny ip from any to 127.0.0.0/8
    65000 allow ip from any to any
    65535 deny ip from any to any

and, natd is running...

Does anyone else have natd issues with 4.1-RELEASE? Have I left
something out here? (Could IPFIREWALL_FORWARD be the culprit?)

    - Thanks -
    - Dave Rivers -

--
rivers@dignus.com Work: (919) 676-0847
Get your mainframe (370) `C' compiler at http://www.dignus.com
