Re: 4.1.1-Stable and natd

Mon, 25 Dec 2000 06:07:27 -0800 

Just a wild guess... Perhaps the ipfw is blocking the traffic?
Please post your ipfw rules.

On Sat, 23 Dec 2000, Box1 wrote:

> FreeBSD-4.1.1-Stable
> Box-A= gateway
> Box-B= Apache, ircd, etc... servers
> 
> I'm not able to redirect *only* http/https incoming-packets on my outside
> interface to a box on my local network.  Below if from my /etc/rc.conf and
> /etc/natd.conf;
> -
> natd_enable="YES"
> natd_flags="-f /etc/natd.conf"
> natd_interface="de0"
> -
> redirect_port tcp 192.168.0.2:6667-7000 6667-7000 <-- this works fine
> redirect_port tcp 192.168.0.2:25 25  <-- this works fine
> redirect_port tcp 192.168.0.2:80 80  <-- this will *not* work
> redirect_port tcp 192.168.0.2:443 443  <-- this will *not* work
> 
> While these redirects are in place, I have used anonymizer.com to make it
> seem I'm on the outside of my local network and, surf to my URL using a FQDN
> and alternatively my ISP assigned 'ip'.  I then view my ipfw logs on box-A
> with; tail -f  /var/log/security which shows the following;
> Dec 23 20:48:55 Box-A /kernel: ipfw: 5100 Count TCP 216.34.244.18:32176
> my.external.ip:80 in via de0
> -
> I now do a tcpdump -i de0 (while anonymizer.com tries to surf as described
> above) results show below;
> 21:03:36.298039 bellatrix.anonymizer.com.2783 > my.external.ip.http: S
> 276149746:276149746(0) win 32120 <mss 1460,sackOK,timestamp 1419389851
> 0,nop,wscale 0> (DF)
> 
> My take from this is, the gateway is seeing the packets.  At the same time
> on box-B, I am doing tail -f /var/log/security  and i see nothing hitting
> the apache servers ports.  I have tried using other ports in place of 80 and
> 443, but, the redirects to my *known* working Apache does not happen.
> 
> assistance needed.
> 
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-stable" in the body of the message
> 

--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message

Reply via email to