natd redirected ports from LAN
From: asko (asko_nospam_at_ultrasoft.ee)
Date: 11/29/05
- Previous message: Arcadiy Ivanov: "FreeBSD <-> Windows XP IPSec Phase 1 Timeout"
- Next in thread: Brian Candler: "Re: natd redirected ports from LAN"
- Reply: Brian Candler: "Re: natd redirected ports from LAN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 29 Nov 2005 12:46:10 +0200 To: freebsd-net@freebsd.org
Hi,
As you know, natd redirected ports in router from WAN to LAN work only
from outside.
http://lists.freebsd.org/pipermail/freebsd-questions/2003-August/015552.html
For example,
www.example.com has public IP - a.b.c.d
webserver is in LAN, 192.168.1.10
router is 192.168.1.1
#rc.conf
natd_enable="YES"
natd_flags="-f /etc/natd.conf"
natd_interface="fxp0"
gateway_enable="YES"
#natd.conf
use_sockets yes
same_ports yes
unregistered_only yes
redirect_port tcp 192.168.1.10:80 80
The query http://a.b.c.d:80 works from outside, but does not work from
inside (LAN).
One solution is redirecting local port to 192.168.1.10:80
# inetd.conf
www stream tcp nowait nobody /usr/local/bin/nc nc -w 3
192.168.1.10 80
and adding ipfw rule:
00040 fwd 192.168.1.1,80 tcp from 192.168.1.0/24 to a.b.c.d dst-port 80
It works, but it is not very elegant, because it involves user level
programs inetd and netcat. I'm searching for a better, faster solution..
Does it exist?
-- asko _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Arcadiy Ivanov: "FreeBSD <-> Windows XP IPSec Phase 1 Timeout"
- Next in thread: Brian Candler: "Re: natd redirected ports from LAN"
- Reply: Brian Candler: "Re: natd redirected ports from LAN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
