Date: Wed, 5 Jun 2002 17:20:00 -0700
From: "Adam Lofstedt" <adaml@visimation.com>
To: <freebsd-questions@FreeBSD.ORG>
Subject: RE: IPNAT redirect multiple IPs on external NIC (fixed)
Message-ID: <00e601c20cef$e5c7d170$6401a8c0@adam>
In-Reply-To: <00b201c20ceb$3ee3ce80$6401a8c0@adam>

NEVERMIND - I made lots of changes and didn't flush the rules... So sorry to waste space/time. It works.

Adam

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of
> Adam Lofstedt
> Sent: Wednesday, June 05, 2002 4:47 PM
> To: freebsd-questions@FreeBSD.ORG
> Subject: IPNAT redirect multiple IPs on external NIC
>
>
> Hey,
>
> I am using FBSD as a firewall/NAT router with IP Filter and
> IP NAT. This machine is multi-homed, with external/internal
> interfaces. On internal network, there is one machine that
> is both web server and email server. I am using port
> forwarding and redirection to redirect traffic on the
> external interface to ports 80, 143, 25, and 110 of the
> web/email machine.
>
> Problem: I want to run two different email and web servers
> on the web/email machine that share the same ports. So, I
> thought I would add another IP to the external interface of
> BSD box, and redirect traffic on that IP to a second IP
> address that I have given to the web/email server (I have
> already told the web/email programs to only listen on their
> respective IP addresses).
>
> So, External IP #1 should forward to Internal IP#1, and
> External IP #2 should forward to Internal IP#2. However,
> when I telnet to port 25 of IP #2, the mail server that is
> listening on internal IP#1 responds. Obviously it is not working.
>
> Here is my IPNAT.RULES:
> _______________________________________
> # dev inside ip local inet ip
> map dc0 10.0.0.0/24 -> ExternalIP#1Here/32 portmap tcp/udp 1:65000
> map dc0 10.0.0.0/24 -> ExternalIP#1Here/32
>
>
> #redirect Internet Services to Web/Email Server
> rdr dc0 ExternalIP#1Here/32 port 80 -> 10.0.0.4 port 80
> rdr dc0 ExternalIP#1Here/32 port 110 -> 10.0.0.4 port 110
> rdr dc0 ExternalIP#1Here/32 port 25 -> 10.0.0.4 port 25
> rdr dc0 ExternalIP#1Here/32 port 143 -> 10.0.0.4 port 143
>
> #redirect Lyris email traffic to port 25 of IP#2 on Web/Email server
> rdr dc0 ExternalIP#2Here/32 port 25 -> 10.0.0.5 port 25
>
> #redirect Lyris webserver traffic to port 80 of 10.0.0.5
> rdr dc0 ExternalIP#2Here/32 port 80 -> 10.0.0.5
> _____________________________________
>
> Here is my rc.conf with device aliases:
>
> network_interfaces="dc0 rl0 lo0 tun0"
> ifconfig_dc0="inet ExternalIP#2Here netmask 255.255.255.240"
> ifconfig_dc0="inet ExternalIP#1Here netmask 255.255.255.240 alias"
> ________________________
>
> I suspect I need to map the inside IP#2 (10.0.0.5) to the
> External IP#2, but when I add the following to IPNAT.RULES,
> all traffic is stopped on the interfaces:
>
> map dc0 10.0.0.0/24 -> ExternalIP#2Here/32 portmap tcp/udp 1:65000
> map dc0 10.0.0.0/24 -> ExternalIP#2Here/32
>
> I guess you can't map two IP's to the same local network???
>
> Can anyone provide suggestions?
>
> Adam Lofstedt
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
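
Added example, not part of the original message: `ipnat -f` adds the rules in a file to whatever is already loaded, so repeated edits without a flush leave older rdr entries active beside the new ones. The sketch below reloads cleanly and flags rdr entries that share interface, address and port but point at different hosts; the 192.0.2.x addresses and the stale rule are constructed stand-ins for the ExternalIP placeholders, and the rules-file path is an assumption supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the original e-mail).

# reload_nat FILE: -C clears the loaded NAT rule list, -F flushes active
# translation entries, -f loads FILE. Run as root on the firewall.
reload_nat() {
    ipnat -CF -f "$1"
}

# find_rdr_conflicts: reads rule lines (rules-file syntax, as also shown in
# the rule section of `ipnat -l`) on stdin. Prints one line per rdr rule
# that matches the same interface/address/port as an earlier rule but
# redirects to a different host. Exit status 1 if any conflict was found.
find_rdr_conflicts() {
    awk '
    $1 == "rdr" {
        # fields: rdr <if> <addr> port <p> -> <target> [port <p>]
        key = $2 " " $3 " " $5
        target = $7
        if ((key in seen) && seen[key] != target) {
            printf "conflict: %s -> %s and %s\n", key, seen[key], target
            n++
        } else if (!(key in seen)) {
            seen[key] = target
        }
    }
    END { exit (n > 0) }'
}

# Constructed listing: a hypothetical earlier rule for the second address
# (pointing at 10.0.0.4) is still loaded next to the edited one.
STALE_LISTING='map dc0 10.0.0.0/24 -> 192.0.2.1/32 portmap tcp/udp 1:65000
rdr dc0 192.0.2.2/32 port 25 -> 10.0.0.4 port 25
rdr dc0 192.0.2.1/32 port 25 -> 10.0.0.4 port 25
rdr dc0 192.0.2.2/32 port 25 -> 10.0.0.5 port 25'

# Constructed listing: state after a clean reload of the edited file.
CLEAN_LISTING='map dc0 10.0.0.0/24 -> 192.0.2.1/32 portmap tcp/udp 1:65000
rdr dc0 192.0.2.1/32 port 25 -> 10.0.0.4 port 25
rdr dc0 192.0.2.2/32 port 25 -> 10.0.0.5 port 25
rdr dc0 192.0.2.2/32 port 80 -> 10.0.0.5'

printf '%s\n' "$STALE_LISTING" | find_rdr_conflicts ||
    echo "stale rdr rules loaded: reload with reload_nat <rules file>"
```

On a live system the same check is `ipnat -l | find_rdr_conflicts`; the session lines in that output are skipped because only lines starting with lowercase `rdr` are examined.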