Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 16 Jun 2000 00:39:49 -0700
From:      "Crist J. Clark" <cristjc@earthlink.net>
To:        Joseph Vidican <engineer@mnsi.net>
Cc:        questions@FreeBSD.ORG
Subject:   Re: natd and natd
Message-ID:  <20000616003949.D287@dialin-client.earthlink.net>
In-Reply-To: <39492EDD.AEBD3435@mnsi.net>; from engineer@mnsi.net on Thu, Jun 15, 2000 at 03:30:37PM -0400
References:  <39492EDD.AEBD3435@mnsi.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Jun 15, 2000 at 03:30:37PM -0400, Joseph Vidican wrote:
> I'm currently running natd on a box acting as a gateway for a private
> LAN to access the internet. I would like to source some of it's ports on
> it's internet IP to some of the machines inside our network. Something
> similar to the following:
> 
> Box 1:
> 	-FreeBSD 3.4/IPFW+natd Gateway (working)
> 	-internet IP 206.48.122.2
> 	-private IP 192.168.2.254 (255.255.255.0)
> I want people on the internet to be able to connect to 206.48.122.2:80,
> and actually get 192.168.2.168:80. Similarily, I'd like to alias
> 206.48.122.2:21 to 192.168.2.123:21, and 206.48.122.2:12000 to
> 192.168.2.168:12000.
> 	Is this possible? Can I have natd performing both functions on the same
> machine? Here is how I have natd running currently:
> 
> /sbin/natd -m -f /etc/natd.conf -n ed1
> 
> natd.conf:
> 
> use_sockets no
> port 7268 # ipfirewall directs to this port instead of standard natd
> port
> interface ed1
> 
> (EOF)
> I tried adding this to /etc/natd.conf, and restarting natd, but it
> doesn't work:
> 
> redirect_port tcp 192.168.2.168:80 206.48.122.2:80 
> redirect_port tcp 192.168.2.168:12000 206.48.122.2:12000 
> 
> If I cannot perform this kind of function from the same box that natd
> runs on as a gateway; could this be done from a second box with a static
> IP address to the internet? (our webserver/ftp/email box) ? I understand
> I couldn't alias 21 or 80 if I used this second machine, but I could at
> least do port 12000 no?

Those lines you added should work. Do you have firewall rules that may
be interfering with this?
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000616003949.D287>