Message-ID: <3AA11538.4C43C765@akula.org>
Date: Sat, 03 Mar 2001 10:00:56 -0600
From: Jason Hunt
To: freebsd-questions@freebsd.org
Subject: redirection of ports..

Greetings,

My firewall is directing traffic on ports 80 and 25 to a non-routable IP behind the firewall. Everything seems great with sendmail. The problems are with apache. My nat rules are as follows:

    map xl0 192.168.x.x/24 -> xl0/32 portmap tcp/udp 10000:20000
    map xl0 192.168.x.x/24 -> xl0/32
    rdr xl0 xl0/32 port 25 -> 192.168.x.x port 25
    rdr xl0 xl0/32 port 80 -> 192.168.x.x port 80

Well, actually there are a couple of problems. From a machine behind the firewall, if I try and connect to the firewall on port 25 for example, I get a connection refused. If I do it from another machine on the internet, everything works right. With clients behind the firewall, same thing with apache - connection refused.

Also, I was using virtual hosts with apache before and for some reason I am getting a test page now - though nothing has changed. I think this may be due to the fact that my NameVirtualHost is my IP provided by ISP, and since clients behind the firewall are not being redirected to the right machine it is displaying this test page for some reason - confused about this.
Anyway, I tried adding something like this to the nat rules:

    rdr xl1 xl1/32 port 80 -> 192.168.x.x port 80

xl1 is the second NIC in my machine, while xl0 is DHCP from the ISP. This didn't work though. Can anyone explain where I am screwing up?

Thanks

--
There is not the slightest indication that nuclear energy will ever be obtainable. It would mean that the atom would have to be shattered at will.
- Albert Einstein, 1932.