From owner-freebsd-questions Sun May 7 8:13:29 2000 Delivered-To: freebsd-questions@freebsd.org Received: from web2103.mail.yahoo.com (web2103.mail.yahoo.com [128.11.68.247]) by hub.freebsd.org (Postfix) with SMTP id 2229537BBD6 for ; Sun, 7 May 2000 08:13:26 -0700 (PDT) (envelope-from allenklu@yahoo.com) Received: (qmail 18381 invoked by uid 60001); 7 May 2000 15:13:25 -0000 Message-ID: <20000507151325.18380.qmail@web2103.mail.yahoo.com> Received: from [216.102.221.227] by web2103.mail.yahoo.com; Sun, 07 May 2000 08:13:25 PDT Date: Sun, 7 May 2000 08:13:25 -0700 (PDT) From: Allen Lu Subject: ipfirewall (ipfw) To: questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi I have a question that I've been trying to find an answer in the docs for a while but can't seem to get a finger on what the problem could be. I'm using the latest standard release FreeBSD-4.0. These are my kernel changes under MYKERNEL to turn on firewall and static natd on two interfaces: rl0, rl1. Followed by my rc.conf. The problem is packets are not getting forwarded by the redirect_address statement in my /etc/natd.conf file. My goal is to setup a static natd by translating a real internet IP to the public interface (rl0) and redirect it after filtering to the private LAN via 192.168.1.1 to 192.168.1.10. When I telnet to 216.218.224.107, it goes to the firewall, not the destined client I want. I also cannot ping 216.218.224.107 on the firewall itself. 224.107 is aliased to 224.106, which is the original ip address of the public card. KERNEL: options IPFIREWALL options IPFIREWALL_VERBOSE options IPDIVERT rc.conf: # -- sysinstall generated deltas -- # gateway_enable="YES" network_interfaces="rl0 rl1 lo0" ifconfig_rl0="inet 216.218.224.106 netmask 255.255.255.248 broadcast 216.218.224 .111" ifconfig rl0 alias 216.218.224.107 netmask 255.255.255.248 ifconfig_rl1="inet 192.168.1.1 netmask 255.255.255.0" ifconfig_lo0="inet 127.0.0.1" defaultrouter="216.218.224.105" hostname="rogue.alltopix.com" firewall_enable="YES" firewall_type="open" firewall_quiet="NO" natd_enabled="YES" natd_interface="rl0" natd_flags="-u -m -f /etc/natd.conf" sendmail_enable="NO" gateway_enable="YES" router_enable="NO" static_routes="" router="routed" mrouted_enable="NO" mrouted_flags="" ipxgateway_enable="NO" tcp_extensions="NO" ipxrouted_enable="NO" ipxrouted_flags="" arpproxy_all="" forward_sourceroute="NO" accept_sourceroute="NO" /etc/natd.conf: redirect_address 192.168.1.10 216.218.224.107 Any suggestions to why it doesn't work? Allen __________________________________________________ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message