> On 30 Mar 2015, at 17:45, Vladislav V. Prodan <ad...@support.od.ua> wrote: > > > # ipfw nat show config > ipfw nat 25 config ip XXX.XXX.122.10 redirect_port tcp 192.168.25.4:80 9001 > redirect_port tcp 192.168.25.3:80 9000 redirect_port udp 192.168.25.3:161 9011 > > # ipfw show > 00200 0 0 fwd 77.120.112.1 ip from XXX.XXX.122.10 to any out via > em1.201 > 01000 29 1171 nat 25 tcp from any to XXX.XXX.122.10 dst-port 9000-9100 > 01001 46 1840 nat 25 tcp from 192.168.25.0/24 80 to any > 01002 0 0 nat 25 tcp from 192.168.25.0/24 53,123,161 to any
А здесь не хватает чего-то типа 01010 nat 25 udp from any to XXX.XXX.122.10 9011 01011 nat 25 udp from 192.168.25.3 161 to any > 65533 13228 8362113 allow ip from any to any > 65534 0 0 allow ip6 from any to any > 65535 811 627505 allow ip from any to any > > tcpdump не показывает пакетиков host 192.168.25.3 and port 161 > Доступ-проброс к http (tcp 80) работает. > > FreeBSD 10.1-PRERELEASE #0: Thu Oct 16 03:49:43 EEST 2014 amd64 > > > > -- > Vladislav V. Prodan > System & Network Administrator > support.od.ua