|||
natd redirect_port problems
I have a gateway which is running FreeBSD 5.1 and I would like to redirect an incoming/outgoing port to a computer on the lan.
I've been doing some reading and it looks like I need natd. I've compiled my divert options into the kernel and get the following line in my dmesg on boot:

ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to deny, logging limited to 100 packets/entry by default

My internet connection uses the tun0 device and my network is on interface rl0. The natd command I've been trying is

# natd -interface tun0 -redirect_port tcp 192.168.1.2:80 80

192.168.1.2 is my webserver which runs apache and I can access this internally. I cannot access it from the outside world, even after I disable any firewall settings. I've tried with the commands

# sh /etc/rc.firewall simple
# ipfw add divert natd all from any to any via tun0
# natd -interface tun0 -redirect_port tcp 192.168.1.2:80 80

and that doesn't work either. Should I be putting that ipfw in my firewall or will it do the same thing manually? Is this the correct natd call? Do I have to set up a natd.conf file as I don't have one at the moment?
|
||||
Also, that divert I think should be first before any rules (except local). What does ipfw show output after your "configuration/commands"?
I assume you have gateway_enable="YES" in your rc.conf or sysctl net.inet.ip.forwarding=1, just checking.
__________________
SpreadBsd |
|
|||
I've got it working but I have to run this command every time my firewall restarts:

# natd -interface tun0 -redirect_port tcp 192.168.1.2:80 80

and I've added these lines to my firewall

# NAT
${fwcmd} add divert natd all from any to any via tun0
${fwcmd} add check-state allow all from any to any
${fwcmd} add pass tcp from any to ${oip} 80 setup
${fwcmd} add divert natd all from any to any via ${oif}
${fwcmd} add check-state allow all from any to any

What is the proper way of starting that nat command at startup? Should I be using the natd.conf?
|
||||
rc.conf
Code:
natd_enable="YES"
natd_interface="tun0"
natd_flags="-f /etc/natd.conf"
__________________
SpreadBsd |
|
|||
I've put those lines in the rc.conf file but I still have to run the natd command manually when I boot. Otherwise people get a proxy not found error in their browsers.
Here is my natd.conf
Code:
#
# natd.conf
#
# Manual line:
# natd -interface tun0 -redirect_port tcp 192.168.200.2:80 80
#
#interface tun0
#use_sockets yes
#same_ports yes
# Allow paistram to be the webserver
redirect_port tcp 192.168.1.2:80 80
|
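An added example, not part of the thread: the redirect_port lines in natd.conf decide which internal hosts are reachable from outside, so this sh/awk script lists the active forwards in a natd.conf-style file and counts those open to any remote address. The function names are hypothetical, and the sample file is the natd.conf posted above plus two constructed entries (203.0.113.10 is a documentation address).

```shell
#!/bin/sh
# Added example (not from the thread): audit redirect_port rules in natd.conf.

# Print one line per active redirect_port directive in the file "$1":
#   <proto> <public addr/port> -> <internal target> from=<remote|any>
# Directives with fewer than three arguments are reported as MALFORMED.
audit_natd_conf() {
    awk '
        { sub(/#.*/, "") }               # natd treats "#" to end of line as a comment
        $1 != "redirect_port" { next }   # skip other directives and blank lines
        NF < 4 { printf "MALFORMED line %d\n", NR; next }
        {
            remote = (NF >= 5) ? $5 : "any"   # optional remoteIP[:remotePORT]
            printf "%s %s -> %s from=%s\n", $2, $4, $3, remote
        }
    ' "$1"
}

# Count the forwards that accept connections from any remote address.
count_open_forwards() {
    audit_natd_conf "$1" | awk '/from=any$/ { n++ } END { print n + 0 }'
}

# Constructed sample: the natd.conf from the thread plus two hypothetical entries.
write_sample_conf() {
    cat > "$1" <<'EOF'
#
# natd.conf
#
#interface tun0
#use_sockets yes
#same_ports yes
# Allow paistram to be the webserver
redirect_port tcp 192.168.1.2:80 80
redirect_port tcp 192.168.1.3:22 2222 203.0.113.10   # constructed entry
redirect_port udp 192.168.1.4:53                     # constructed, no public port
EOF
}

# Demo run on the constructed sample.
conf=$(mktemp) && write_sample_conf "$conf" && audit_natd_conf "$conf"
rm -f "$conf"
```

Running the same audit against the live /etc/natd.conf after each change shows which forwards are exposed to every remote host before natd is restarted.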
|||
In the end I just created a natd_start.sh script in my /usr/local/etc/rc.d file and started it through rc.conf with natd_start_enable=YES.
|
|
|||
The script
Quote:
|