From owner-freebsd-questions Tue Jul 13 11:33:30 1999 Delivered-To: freebsd-questions@freebsd.org Received: from wildrock.com (wildrock.com [208.192.111.240]) by hub.freebsd.org (Postfix) with ESMTP id 3222115034 for ; Tue, 13 Jul 1999 11:33:09 -0700 (PDT) (envelope-from ras@wildrock.com) Received: from mis2 (doppelganger.admis.com [208.192.111.254]) by wildrock.com (8.9.3/8.9.3) with SMTP id NAA07582; Tue, 13 Jul 1999 13:33:02 -0500 (CDT) (envelope-from ras@wildrock.com) From: "Chris Silva" To: "FreeBSD Questions" Cc: Subject: NATD help - please Date: Tue, 13 Jul 1999 13:36:38 -0500 Message-ID: <000001becd5e$a4fa4e80$ddb5a8b6@mis2.admis.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have a network that has a class C via our provider. I removed most NT boxes that were doing internet related things. I have now FBSD 3.2 on those boxes. We used to use MS Proxy, now I have FBSD as a firewall. With IPFIREWALL, IPDIVERT in the kernel, and in /etc/rc.conf, in the natd flags, I have -f /etc/natd.conf to read the rules for nat. The contents of /etc/natd.conf is this: -redirect_port insideIP:80 outsideIP:80 (for example) Below is an example of the original setup: IP's are cludged for security: Example 1: www = 111.111.111.100 ftp = 111.111.111.101 mail = 111.111.111.102 DNS1 = 111.111.111.103 DNS2 = 111.111.111.104 FBSD = 111.111.111.105 -> This is the new firewall What would the /etc/natd.conf file look like to get the 1st 3 boxes behind FBSD to look like this: Example 2: FBSD = 111.111.111.105 www = 10.0.0.100 ftp = 10.0.0.101 mail = 10.0.0.102 I have added the above redirect for just the webserver without any success of a connection. (Yes, I have reissued the IP to the web server to match example 2 - and the gateway was changed from the Cisco router, to the FBSD firewall). Any ideas - help would be cool. I read the NATD man over and over several times, got some ideas from freebsddiary, but I still just can't seem to get this to work. It seems to be something very easy. But its beaten the hell out of me - so far ;) Thanks in advance everyone. Chris _____________________________________________________________________ RSA Key Fingerprint = 6D0B 5536 7825 3D09 9093 384A 9694 FDB6 RSA Key Fingerprint = 4390 44E5 E316 F2AA A11E 5755 F3F9 D69B DH/DSS Fingerprint = 089B 0B5C 75C7 A7B4 B050 DD14 2D65 5DD6 E87D 239A PGP Mail encouraged / preferred - keys available on common keyservers _____________________________________________________________________ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message