Date: Wed, 14 Mar 2001 11:36:07 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: Jeremy Keith <jkeith@monarch.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW + NATD Grouping Message-ID: <Pine.BSF.4.21.0103141108020.34738-100000@cody.jharris.com> In-Reply-To: <000001c0ac9e$de999030$a000000a@monarch.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Mar 2001, Jeremy Keith wrote: > I'm currently using NATD and port forwarding into my internal home > network. Is it possible to redirect incoming based on source? eg. > My wife and I have PC Anywhere which we like to connect to our own > computers. > > Is it possible that when my wife trys to connect from her work, it > sees the ip she's coming from and redirects the pcanywhere port to her > machine. And when I connect from my work it redirects it to my > computer becuase of my source? > You could, but it would probably be easier to redirect based on destination address or port. I have examples of both below. I couldn't remember what the ports were for PC ANywhere so I assumed it was 5632 tcp... > I realize I could add another public IP on the box and do it that way, but > I'm wondering if theres a way to do this with one IP? Yes. Example 1 (Destination based natd setup): Use natd's redirect_port option to send it to the proper machine. Here is an example: //In /etc/natd.conf: interface ep0 port 8668 redirect_port tcp 192.168.1.10:5632 5632 redirect_port tcp 192.168.1.11:5632 6001 Where your machine is 192.168.1.10 (inside). Your wife's machine is 192.168.1.11. She will have to configure her PC Anywhere client to connect to her machine at home with port 6001. Your client does not need any reconfiguring. Then: natdserver# natd -f /etc/natd.conf Example 2 (Source based natd setup): If you wanted to use source based natd stuff, you can it is just a bit more complicated. You would need to run 2 different natd's. Each with a similar (not exactly) natd.conf files above. The with ipfw you could do: // Your ipfw entry (your work machine is A.A.A.A) # ipfw add 50 divert natd ip from A.A.A.A to any in via ep0 # ipfw add 51 divert natd ip from any to A.A.A.A out via ep0 // Your wife's ipfw entry (her work machine is B.B.B.B) # ipfw add 150 divert natd2 ip from B.B.B.B to any in via ep0 # ipfw add 151 divert natd2 ip from any to B.B.B.B out via ep0 // Normal natd traffic # ipfw add 200 divert natd ip from any to any via ep0 And that's just the ipfw stuff. You still need to setup the natd.conf files and natd2 in /etc/services before this will work. If you need more help let us know! Nick Rogness <nick@rogness.net> - Keep on routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0103141108020.34738-100000>