Date: Thu, 15 Jun 2006 18:07:19 -0300 From: "mufalani" <mufalani@oi.com.br> To: <freebsd-ipfw@freebsd.org> Subject: ipfw rules + natd .. other question Message-ID: <000b01c690bf$b0fb72a0$0101a8c0@cristian2aebca>
next in thread | raw e-mail | index | archive | help
Hi all, Thank you for help me in configure NAT ... It=B4s working perfectly!!! One another doubt... where my public address =3D 200.X.Y.Z and my trusted addresses =3D 201.1.2.3, 205.6.7.8 I want to only liberate the access to IP 200.X.Y.Z=20 for addresses: 201.1.2.3, 205.6.7.8 and to block for the remaining = portion of the world. You can help me? ###############my natd.conf############### log yes same_ports yes use_sockets yes interface rl0 redirect_port tcp 10.0.0.211:80 200.X.Y.Z:80 redirect_port tcp 10.0.0.211:80 200.X.Y.Z:80 ############# end nat.conf ################# ############ rc.local #################### /sbin/natd -s -n rl0 -p 8668 -config "/etc/natd.conf" /sbin/ipfw -f flush ## /sbin/ipfw add 100 allow ip from 205.6.7.8 to 200.X.Y.Z keep-state /sbin/ipfw add 100 allow ip from 201.1.2.3 to 200.X.Y.Z keep-state ## /sbin/ipfw add 120 deny ip from any to 200.X.Y.Z ## /sbin/ipfw add 140 divert 8668 ip from any to 200.X.Y.Z in recv rl0 /sbin/ipfw add 150 divert 8668 ip from 201.0.0.0 to 200.X.Y.Z in recv = rl0 /sbin/ipfw add 160 divert 8668 ip from 10.0.0.211 to any out xmit rl0 ############# end rc.local #################
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000b01c690bf$b0fb72a0$0101a8c0>