Hello, -------- Original-Nachricht -------- > Datum: Sat, 23 Feb 2008 21:29:06 +0000 > Von: "elaconta.com Webmaster" <[EMAIL PROTECTED]> > An: Stefan Kell <[EMAIL PROTECTED]> > CC: misc@openbsd.org > Betreff: Re: Web Traffic forwarding, PF and NC
> Stefan Kell wrote: > > Hello, > > > > On Sat, 23 Feb 2008, elaconta.com Webmaster wrote: > > > >> Stefan Kell wrote: > >>> Hello, > >>> > >>> On Sat, 23 Feb 2008, elaconta.com Webmaster wrote: > >>> > >>>> Greetings > >>>> > >>>> ...snip... > >>>> rdr on $ext_if proto tcp from any to 192.168.1.121 port 80 -> > >>>> 127.0.0.1 port 5000 > >>>> > >>>> ...snip > >>>> > >>>> I'm running OpenBSD 3.9 (i386) on both machines. > >>>> > >>> > >>> why not rdr directly to your internal webserver instead of > >>> 127.0.0.1? OpenBSD > >>> 3.9 is quite old but rdr should work quite well. I use this since > >>> OpenBSD 3.4 > >>> > >>> Regards > >>> > >>> Stefan Kell > >>> > >>> > >>> > >> Hi > >> > >> I've tried the following configuration but it yields no effect, i.e. > >> when someone tries to view a web page from the outside the web page > >> isn't served. Maybe something is wrong with the config: > >> > >> > #------------------------------------------------------------------------------------------- > > >> > >> > >> ext_if="rl1" > >> > >> rdr on $ext_if proto tcp from any to 192.168.1.121 port 80 -> > >> 192.168.1.126 port 80 > >> > >> pass out on $ext_if inet all keep state > >> > >> pass in on $ext_if inet all keep state > >> > >> > #------------------------------------------------------------------------------------------- > > >> > >> > > > > is the OpenBSD machine acting as a router? Or ist the webserver directly > > connected to the cable modem? Then it cannot work as Stuart Henderson > > has explained. My setup would use the machine as a router and different > > subnets and also nat on the external interface. > > > > Regards > > > > Stefan Kell > > > > > The webserver (192.168.1.126) is directly connected to the cable modem, > as is the 192.168.1.121 server. > What service(s) would i need to run on 192.168.1.121 to make it useable > as a gateway (router) to 192.168.1.126? > Would just: > > # *sysctl net.inet.ip.forwarding=1* > > enable it as a router? I would also need some other service, right? Sorry > for any noobness. You need two network interfaces on your OpenBSD machine, different subnets physically: one for cable modem and external interface on OpenBSD, one for your internal network. sysctl is necessary as you have written and you need a nat rule in pf.conf. There are a lot of instructions flowing around in the internet which show you how to do it. Regards Stefan Kell
