Date: Sat, 16 Oct 1999 12:03:29 +0800 From: "David May, Powered by FreeBSD 2.2.6, somewhere in the Outback" <mayd@cygnus.uwa.edu.au> To: "+ +" <uvatha@my-Deja.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: port forwarding, again Message-ID: <199910160403.MAA04005@chrysanthemum.localdomain> In-Reply-To: Your message of "Tue, 05 Oct 1999 17:15:55 MST." <DEDLKBGMAHLDBAAA@my-deja.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I sympathise with your problem as I have been in the same situation.
I am a beginner at this ipfw/natd game but here are my suggestions:
1. You need more than "a single ipfw rule". In my own setup at work I needed
to run natd on the firewall to do the port forwarding from the firewall
to the internal host. Plus I needed to add one or two rules to rc.firewall,
as you have, but watch out, the rules can have strange and unforseen effects.
Plus I needed to add a default route on the internal host pointing back to the
firewall. There must be better ways but I could not understand the natd
documentation well enough to figure out how to use it as a proxy. Be aware that
this port aliasing may not work well with some protocols (ssh hated it).
2. It might help to post your question to a list where it is more visible
such
as freebsd-ipfw or freebsd-security.
By the way, I am using 3.2 at work but ipfw and natd on my 2.2.8 at home seem
very similar.
--
David May | mailto:mayd@cygnus.uwa.edu.au | Finger for
| finger:mayd@cygnus.uwa.edu.au | PGP Public Key
| http://cygnus.uwa.edu.au/~mayd |
``We are so used to thinking in terms of the `progress' of science that
it is hard for us to remember that certain matters were better understood
one hundred years ago.''
Robert Hermann, in introduction to
Felix Klein, Development of Mathematics in the 19th Century.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910160403.MAA04005>