On Sun, Jun 25, 2006 at 04:13:20PM +0800, S t i n g r a y wrote:
> My Yahoo Messenger on Clients isnt working .. please have a look at my rules
> & tell whats wrong ?
>
> regards
>
>
> intif="epic0"
> intad="10.0.0.0/16"
> extif="fxp0"
> extad="192.168.0.6/32"
> chadd="10.0.0.6/32"
> dmzser="10.0.0.1/32"
> allif="{$extif, intif}"
> table <allowedclients> persist file "/etc/allowedclients"
> table <blockedclients> persist file "/etc/blockedclients"
> scrub in all
> nat on $extif from $intif to any -> $extad
> rdr on $intif proto tcp from $intad to any port 80 -> $chadd port 8080
> pass in all
> pass out all
You don't need /32, by the way...
It is quite possible that the protocol includes the server trying to
connect back to you (it appears, from some documentation, that Yahoo!
does this). In this case, you'll want a rdr from $extif port 80 to
$desktop; Yahoo! similarly wants ports 5101 and 5100 for some services,
according to <http://www.helpbytes.co.uk/yconnect.php> - which may or
may not be correct.
Of course, to do any forwarding, net.inet.ip.forwarding should be set to
1 (substitute ip6 for ip where appropriate).
Joachim
