Date: Mon, 19 Jul 1999 17:20:12 -0700 (PDT)
From: Suresh Rajagopalan <sraja@cinenet.net>
To: Muditha Gunatilake <muditha@seychelles.net>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: FBSD/NAT question
Message-ID: <Pine.GSO.3.96.990719171843.18976C-100000@hermosa.cinenet.net>
In-Reply-To: <37903E91.D4227A92@seychelles.net>
You'll have to set up a config file for natd which will have a line (or lines)
such as:

    redirect_port tcp/udp inside_ip:inside_port outside_ip:outside_port

man natd is your friend.

-S
On Sat, 17 Jul 1999, Muditha Gunatilake wrote:
> I am trying to get FreeBSD to act as a mail gateway(router) to a NT &
> Exchange network. The FreeBSD box sits on the customer LAN connected to
> the ISP via a leased-line. The network has 10/ ip addresses and the bsd
> box has ethernet ip from lan and fixed ip with the ISP. I have enabled
> NAT and the customer network can browse using the FBSD box as the
> gateway without any problems.
>
> The network runs an exchange mail server and I am trying to get all
> requests made to the SMTP 25 on the gateway to be routed to the
> exchange server without much success. My rc.conf file is as given below.
> Can anyone please point out any mistakes I have made? (I am not running
> sendmail on the FBSD box and I don't want it to act as a mail server).
> Is there something I missed out or anything I need to add to get this
> working?
>
>
>
> ##############################################################
> ### Important initial Boot-time options #####################
> ##############################################################
>
> swapfile="NO" # Set to name of swapfile if aux swapfile desired.
> apm_enable="NO" # Set to YES if you want APM enabled.
> pccard_enable="NO" # Set to YES if you want to configure PCCARD devices.
> pccard_mem="DEFAULT" # If pccard_enable=YES, this is card memory address.
> pccard_ifconfig="NO" # Specialized pccard ethernet configuration (or NO).
> local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d" # startup script dirs.
>
>
> ##############################################################
> ### Network configuration sub-section ######################
> ##############################################################
>
> ### Basic network options: ###
> hostname="gateway.abc.com" # Set this!
> nisdomainname="NO" # Set to NIS domain if using NIS (or NO).
> firewall_enable="YES" # Set to YES to enable firewall functionality
> firewall_type="OPEN" # Firewall type (see /etc/rc.firewall)
> firewall_quiet="NO" # Set to YES to suppress rule display
> tcp_extensions="YES" # Allow RFC1323 & RFC1644 extensions (or NO).
> network_interfaces="ep0 lo0" # List of network interfaces (lo0 is loopback).
> ifconfig_ep0="inet 10.0.0.150 netmask 255.0.0.0"
> ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
>
> #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry.
>
> ### Network daemon (miscellaneous) & NFS options: ###
> syslogd_enable="YES" # Run syslog daemon (or NO).
> syslogd_flags="" # Flags to syslogd (if enabled).
> inetd_enable="YES" # Run the network daemon dispatcher (or NO).
> inetd_flags="" # Optional flags to inetd.
> named_enable="NO" # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named" # named program, in case we want bind8 instead.
> named_flags="-b /etc/namedb/named.boot" # Flags to named (if enabled).
> kerberos_server_enable="NO" # Run a kerberos master server (or NO).
> kadmind_server_enable="NO" # Run kadmind (or NO) -- do not run on
> # a slave kerberos server
> kerberos_stash="" # Is the kerberos master key stashed?
> rwhod_enable="NO" # Run the rwho daemon (or NO).
> amd_enable="NO" # Run amd service with $amd_flags (or NO).
> amd_flags="-a /net -c 1800 -k i386 -d my.domain -l syslog /host /etc/amd.map"
> nfs_client_enable="NO" # This host is an NFS client (or NO).
> nfs_client_flags="-n 4" # Flags to nfsiod (if enabled).
> nfs_access_cache="0" # Client cache timeout in seconds
> nfs_server_enable="NO" # This host is an NFS server (or NO).
> nfs_server_flags="-u -t 4" # Flags to nfsd (if enabled).
> mountd_flags="-r" # Flags to mountd (if NFS server enabled).
> nfs_reserved_port_only="NO" # Provide NFS only on secure port (or NO).
> rpc_lockd_enable="NO" # Run NFS rpc.lockd (*broken!*) if nfs_server.
> rpc_statd_enable="YES" # Run NFS rpc.statd if nfs_server (or NO).
> portmap_enable="YES" # Run the portmapper service (or NO).
> portmap_flags="" # Flags to portmap (if enabled).
> rarpd_enable="NO" # Run rarpd (or NO).
> rarpd_flags="" # Flags to rarpd.
> xtend_enable="NO" # Run the X-10 power controller daemon.
> xtend_flags="" # Flags to xtend (if enabled).
>
> ### Network Time Services options: ###
> timed_enable="NO" # Run the time daemon (or NO).
> timed_flags="" # Flags to timed (if enabled).
> ntpdate_enable="NO" # Run the ntpdate to sync time (or NO).
> ntpdate_program="ntpdate" # path to ntpdate, if you want a different one.
> ntpdate_flags="" # Flags to ntpdate (if enabled).
> xntpd_enable="NO" # Run xntpd Network Time Protocol (or NO).
> xntpd_program="xntpd" # path to xntpd, if you want a different one.
> xntpd_flags="-p /var/run/xntpd.pid" # Flags to xntpd (if enabled).
> tickadj_enable="NO" # Run tickadj (or NO).
> tickadj_flags="-Aq" # Flags to tickadj (if enabled).
>
> # Network Information Services (NIS) options: ###
> nis_client_enable="NO" # We're an NIS client (or NO).
> nis_client_flags="" # Flags to ypbind (if enabled).
> nis_ypset_enable="NO" # Run ypset at boot time (or NO).
> nis_ypset_flags="" # Flags to ypset (if enabled).
> nis_server_enable="NO" # We're an NIS server (or NO).
> nis_server_flags="" # Flags to ypserv (if enabled).
> nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO).
> nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled).
> nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or NO).
> nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled).
>
> ### Network routing options: ###
> defaultrouter="202.84.227.1" # Set to default gateway (or NO).
> static_routes="" # Set to static route list (or leave empty).
> gateway_enable="YES" # Set to YES if this host will be a gateway.
> router_enable="NO" # Set to YES to enable a routing daemon.
>
> router="routed" # Name of routing daemon to use if enabled.
> router_flags="-q" # Flags for routing daemon.
> mrouted_enable="NO" # Do multicast routing (see /etc/mrouted.conf).
> mrouted_flags="" # Flags for multicast routing daemon.
> ipxgateway_enable="NO" # Set to YES to enable IPX routing.
> ipxrouted_enable="NO" # Set to YES to run the IPX routing daemon.
> ipxrouted_flags="" # Flags for IPX routing daemon.
> arpproxy_all="" # replaces obsolete kernel option ARP_PROXYALL.
> forward_sourceroute="NO" # do source routing (only if gateway_enable is set to "YES")
> accept_sourceroute="NO" # accept source routed packets to us
> natd_enable="YES" # Enable natd if firewall_enable.
> natd_interface="ppp0" # Public interface to use with natd if natd_enable.
> natd_flags="-dynamic -u -redirect_port tcp 10.0.0.150:25 10.0.0.3:25" # Additional flags for natd.
>
>
> ##############################################################
> ### System console options #################################
> ##############################################################
>
> keymap="NO" # keymap in /usr/share/syscons/keymaps/* (or NO).
> keyrate="NO" # keyboard rate to: slow, normal, fast (or NO).
> keybell="NO" # bell to duration.pitch or normal or visual (or NO).
> keychange="NO" # function keys default values (or NO).
> cursor="NO" # cursor type {normal|blink|destructive} (or NO).
> scrnmap="NO" # screen map in /usr/share/syscons/scrnmaps/* (or NO).
> font8x16="NO" # font 8x16 from /usr/share/syscons/fonts/* (or NO).
> font8x14="NO" # font 8x14 from /usr/share/syscons/fonts/* (or NO).
> font8x8="NO" # font 8x8 from /usr/share/syscons/fonts/* (or NO).
> blanktime="300" # blank time (in seconds) or "NO" to turn it off.
> saver="NO" # screen saver: blank/daemon/green/snake/star/NO.
> moused_enable="NO" # Run the mouse daemon.
> moused_type="auto" # See man page for rc.conf(5) for available settings.
> moused_port="/dev/cuaa0" # Set to your mouse port.
> moused_flags="" # Any additional flags to moused.
> allscreens_flags="" # Set this vidcontrol mode for all virtual screens
>
>
> ##############################################################
> ### Miscellaneous administrative options ###################
> ##############################################################
>
> cron_enable="YES" # Run the periodic job daemon.
> lpd_enable="NO" # Run the line printer daemon.
> lpd_flags="" # Flags to lpd (if enabled).
> sendmail_enable="NO" # Run the sendmail daemon (or NO).
> sendmail_flags="-bd -q30m" # -bd is pretty mandatory.
> dumpdev="NO" # Device name to crashdump to (if enabled).
> check_quotas="NO" # Check quotas (or NO).
> accounting_enable="NO" # Turn on process accounting (or NO).
> ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO).
> linux_enable="NO" # Linux emulation loaded at startup (or NO).
> rand_irqs="NO" # Stir the entropy pool (like "5 11" or NO).
> clear_tmp_enable="NO" # Clear /tmp at startup.
> ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib" # shared library search paths
>
> ##############################################################
> ### Allow local configuration override at the very end here ##
> ##############################################################
> if [ -f /etc/rc.conf.local ]; then
> . /etc/rc.conf.local
> fi
> --
> ---------------------
> Muditha Gunatilake
> Atlas Seychelles Ltd
>
> Phone:304060
> email: muditha@seychelles.net
> mbh3gpa@afs.mcc.ac.uk
> muditha@creole.seychelles.net
> :-)
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.3.96.990719171843.18976C-100000>
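
An added example (not part of either e-mail and not FreeBSD project code): a small sh lint for the `redirect_port` line described in the reply, run over the form used in the quoted `natd_flags` and over a line with the inside host first. It assumes 10.0.0.3 is the Exchange server and handles single ports only; `lint_redirect_port`, `valid_port` and the verdict strings are hypothetical names.

```shell
#!/bin/sh
# Added example: lint a natd redirect_port line before natd is restarted.
# Form per natd(8): redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT
# (target = inside host, alias = the gateway's outside side). Single ports only.

valid_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# $1 = one option line (config-file form, or command-line form with a dash)
# $2 = space-separated addresses that belong to the gateway itself
# Echoes ok, not-redirect_port, bad-proto, bad-target, bad-alias
# or target-is-gateway.
lint_redirect_port() {
    line=$1 gw_addrs=$2
    set -f; set -- $line; set +f          # split on whitespace, no globbing
    [ "${1#-}" = "redirect_port" ] || { echo not-redirect_port; return 0; }
    case "$2" in tcp|udp) ;; *) echo bad-proto; return 0 ;; esac
    target=$3 alias_spec=$4
    case "$target" in *:*) ;; *) echo bad-target; return 0 ;; esac
    valid_port "${target##*:}" || { echo bad-target; return 0; }
    valid_port "${alias_spec##*:}" || { echo bad-alias; return 0; }
    # A target that is one of the gateway's own addresses sends the
    # connection back to the gateway, not to the inside host.
    for a in $gw_addrs; do
        if [ "${target%%:*}" = "$a" ]; then
            echo target-is-gateway; return 0
        fi
    done
    echo ok
}

# Constructed input: 10.0.0.150 is the ep0 address from the quoted rc.conf;
# 10.0.0.3 is assumed to be the Exchange server.
GW_ADDRS="10.0.0.150"
while read -r l; do
    printf '%-46s -> %s\n' "$l" "$(lint_redirect_port "$l" "$GW_ADDRS")"
done <<'EOF'
redirect_port tcp 10.0.0.150:25 10.0.0.3:25
redirect_port tcp 10.0.0.3:25 25
EOF
```

In a natd config file the option is written without the leading dash; the lint accepts both spellings so the same check can be run on a `natd_flags` value.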
