Thanks for the help,
My ipf.conf file is blank. (Comments only)
ipnat.conf has a single line:
rdr bge0 0.0.0.0/0 port 80 -> 127.0.0.1 port 8080
ifconfig -a outputs the following:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu
8232 index 1
inet 127.0.0.1 netmask ff000000
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index
2
inet 158.147.51.44 netmask ffffff00 broadcast 158.147.51.255
ether 0:3:ba:f2:e1:a4
Brad Mann
Software Engineer - Information Access Services
HARRIS Corporation / GCSD
(321) 984-6292
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jim Sandoz
Sent: Friday, July 14, 2006 10:47 AM
To: [email protected]
Subject: Re: Easy port forwarding question
brad,
a)
you should be using bge0.
b)
did you drill a hole for the rewritten packets in your ipf.conf?
http://www.phildev.net/ipf/IPFques.html#ques11
c)
post your ipf.conf, your ipnat.conf, and the output of "ifconfig -a";
then we can solve your problem in 60 seconds.
http://www.phildev.net/ipf/IPFmail.html#mail3
regards,
jim
Mann, Bradley wrote:
> Thanks for the help. I tried the those settings but they didn't seem
to
> work. Perhaps I am not understanding the <IF> part of the command.
> netstat -i shows 2 entries:
>
> lo0 8232 loopback localhost ...
> bge0 1500 machinename machinename ...
>
> I tried using both of these as the value for <IF> but the machine
still
> didn't seem to forward the ports. I reloaded the file with the
following
> commands:
>
> ipnat -C
> ipnat -f ipnat.conf
>
> Am I missing something?
>
>
> Brad Mann
> Software Engineer - Information Access Services
> HARRIS Corporation / GCSD
> (321) 984-6292
>
> -----Original Message-----
> From: Flemming Laugaard [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 13, 2006 7:46 AM
> To: Mann, Bradley
> Cc: [email protected]
> Subject: Re: Easy port forwarding question
>
>
>>>Hello,
>>>
>>>I am extremely new to ipfilter/ipnat, and all I am attempting to
>>>accomplish is to have port 80 on a machine forward to its own port
>
> 8080.
>
>>>This command will need to be as generic as possible so that it can be
>>>deployed to other locations that have the same configuration but
>>>different IP address.
>>>
>>
>>ipnat:
>>rdr <IF> <SRVIP>/32 port 80 -> 127.0.0.1 port 8080
>>
>>I can't do it more generic than this. You need to set both IP
>
> adresses.
>
>>But that could be solved by scripting :-)
>
>
> You could also try
>
> rdr <IF> 0.0.0.0/0 port 80 -> 127.0.0.1 port 8080
>
> For redirecting anything going anywhere on <IF> port 80. I haven't
tried
> it myself.
>
> Regards
> Flemming Laugaard
>
>
