Spoke too soon; figured it out not a minute later. It seems to work if I remove the divert rule for my server (10.0.0.2) from ipfw, and leave the natd parameter.
SigmaX On 8/20/06, SigmaX asdf <[EMAIL PROTECTED]> wrote:
I've setup a firewall box with IPFW and NATD with what the handbook had to offer on the subject, and now would like to get traffic forwarded to behind my shmancy new firewall. Google is purely confusing me on this one. From what I understand I need to do one or more of the following: setup a divert rule for ipfw setup a fwd rule for ipfw setup a redirect_port rule for natd compile forwarding support into my kernel Somehow I doubt it's all of the above. What am I supposed to do to allow port forwarding? Thanx for any pointers, SigmaX > > # ipfw list > 00010 divert 8668 tcp from any to 10.0.0.2 dst-port 80 > 00050 divert 8668 ip4 from any to any via rl0 > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 00300 deny ip from 127.0.0.0/8 to any > 65000 allow ip from any to any > 65535 deny ip from any to any > Semi-relevant rc.conf options: > > gateway_enable="YES" > firewall_enable="YES" > firewall_type="open" > natd_enable="YES" > natd_interface="rl0" > natd_flags="-dynamic -m -f /etc/natd.conf" > ipfw_enable="YES" > natd.conf: > > redirect_port tcp 10.0.0.2:80 80 > >
_______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
