Date: Thu, 18 Apr 2013 12:00:15 +0430 From: saeedeh motlagh <saeedeh.motlagh@gmail.com> To: s m <sam.gh1986@gmail.com> Cc: Daniel O'Callaghan <danny@clari.net.au>, freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Fwd: how access inside from outside when nat is done from inside to outside Message-ID: <CAN%2BS=WBWDOvFjqXEvppwnNyi=zvkx04-C=aAtnFH1mfV%2B_Q_hQ@mail.gmail.com> In-Reply-To: <CAA_1SgEj4mVYO6hP8STrefvn01Gxf==pvxhp=ugPW6EVFfuf8Q@mail.gmail.com> References: <CAA_1SgGN7h9d8Rzbuwqa-2HrgwJffrqrfOdzjAqDNbBhkvehPA@mail.gmail.com> <CAA_1SgEF7RtmY11yjFwFRspY-CwQ0fLqeTGvtx3jHkLQBA4mpQ@mail.gmail.com> <515D3715.9080206@clari.net.au> <CAA_1SgEj4mVYO6hP8STrefvn01Gxf==pvxhp=ugPW6EVFfuf8Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
hi sam i do not know what is the exactly correct manner in freebsd, but it think based on definition for NAT, you should not be able to access inside systems from outside unless you have port direction. On Tue, Apr 16, 2013 at 11:35 AM, s m <sam.gh1986@gmail.com> wrote: > thanks Danny, but i'm using pf to define rules and pfctl to apply them. > > first of all it is so important for me to understand what should > exactly happen and what is the correct behavior in freebsd. i mean > when i define nat from inside to outside, should outside system can > access inside systems or not? (for example ping them). > i am so confused what is the correct manner. any hints or comments > that help to clear it for me, is really appreciated. > SAM > > On 4/4/13, Daniel O'Callaghan <danny@clari.net.au> wrote: > > On 4/04/2013 6:41 PM, s m wrote: > >> request packets: src:192.168.2.1----> dst: 192.168.1.1 > >> reply packets: src: 192.168.2.50----> dst:192.168.2.1 > > This sort of thing tends to happen when the the packets are not being > > sent via divert socket properly. > > Look carefully, step by step, at your ipfw rules which send packets to > > natd. > > Also, run natd -v in a separate window instead of running it as a > > daemon, and it will show you the packets which go through natd, and what > > is done with them. > > > > regards, > > > > Danny > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAN%2BS=WBWDOvFjqXEvppwnNyi=zvkx04-C=aAtnFH1mfV%2B_Q_hQ>