Date: Tue, 28 May 2002 17:38:40 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Curtis Polk <cmackjr@swbell.net> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: IPNAT Multiple rdr Message-ID: <20020528173543.J40686-100000@localhost> In-Reply-To: <3CF3D558.85886D80@swbell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 28 May 2002, Curtis Polk wrote: > I have two aliases on my outward facing machine. I would like to > redirect the primary address and the two aliases to an internal machine > running two instances of Apache and one of Tomcat. I have tried > various ipnat rules, and nothing works. > As near as I can tell from the documentation, this should work, but does > not: > # redirects to internal server > rdr xl0 aaa.bbb.ccc dd1 port 80 -> 192.168.2.3 port 80 > rdr xl0 aaa.bbb.ccc.dd2 port 80 -> 192.168.2.4 port 80 > rdr xl0 aaa.bbb.ccc.dd3 port 3000 -> 192.168.2.5 port 3000 It looks fine. > > # normal private-to-public mapping > map xl0 192.168.2.0/24 -> aaa.bbb.ccc.dd1/32 > > The firewall macine has two network cards, xl0, the public interface, > and xl1, the 192 network. I have tried coming down to the simplest > configuration, by attempting to redirect the firewall's primary address > to 192.168.2.3, the internal machine's primary address. The redirects > don't work, but the map does. Any help would be appreciated. > Flush the firewall rules and try the redirects again. Maybe the packet filter is blocking them. Run tcpdump an both xl0 and xl1 and see if the packets come through the firewall. Hope this helps. Fer > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020528173543.J40686-100000>