ipnat question:

From: Zhelyazko Georgiev (jeliazkoge_at_yahoo.com)
Date: 10/31/04

    Date: Sat, 30 Oct 2004 17:25:57 -0700 (PDT)
    To: freebsd-questions@freebsd.org
    
    
    

    Hello,
    I'm connected to the internet through a LAN, and I have a router
    running FreeBSD 5.2. I have several Windows boxes in
    my internal network. I want to be able to access the
    remote desktop from outside on one of the Windows
    boxes. For that reason I'm using IPfirewall and ipnat.
    Attached are my rc.conf, ipf.rules and ipnat.rules.
    The router is working fine except I cannot get it to
    forward ports, like I did on my Linux box. The IPs of
    my internal network are 192.168.1.0/24, the external
    IP is 84.21.192.150.
    Please tell me what I'm doing wrong. Thank you very
    much in advance.

    Zhelyazko.

                    

    
    

    ipf.rules :

    block in all
    block out all
    pass in quick on lo0
    pass out quick on lo0
    pass in quick on rl1 from 192.168.1.0/24 to any
    pass out quick on rl1 from any to 192.168.1.0/24
    pass out on rl0 proto tcp from any to any flags S keep state keep frags
    pass out on rl0 proto udp from any to any keep state
    pass out on rl0 proto icmp from any to any icmp-type 8 keep state
    pass out on rl0 proto gre from any to any keep state
    #
    #Allow SSH access
    pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 22 keep state
    #
    #Allow ping requests
    pass in on rl0 proto icmp from any to 84.21.192.150 keep state
    #
    #Allow connection on port 3389 for internal Windows RTD
    pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 3389 keep state

    
    

    ipnat.rules :

    map rl0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
    map rl0 192.168.1.0/24 -> 0/32
    rdr rl0 0.0.0.0/32 port 3389 -> 192.168.1.2 port 3389 tcp/udp

    
    

    rc.conf :

    defaultrouter="84.21.192.1"
    gateway_enable="YES"
    hostname="ironhost.server.com"
    #ipsec_enable="YES"
    #enable_firewall="YES"
    #firewall_type="OPEN"
    #firewall_quiet="YES"
    ipfilter_enable="YES"
    ipfilter_rules="/etc/ipf.rules"
    ipnat_enable="YES"
    #natd_enable="YES"
    #natd_interface="rl0"
    #natd_flags="-f /etc/natd.rules"
    sendmail_enable="NONE"
    fsck_y_enable="YES"
    syslogd_enable="NO"
    #inetd_enable="YES"
    ifconfig_rl0="inet 84.21.192.150 netmask 255.255.255.0"
    ifconfig_rl1="inet 192.168.1.1 netmask 255.255.0.0"
    linux_enable="YES"
    moused_enable="YES"
    sshd_enable="YES"
    usbd_enable="NO"
    # This file now contains just the overrides from /etc/defaults/rc.conf.
    # Please make all changes to this file, not to /etc/defaults/rc.conf.

    # Enable network daemons for user convenience.
    # Created: Fri Feb 4 09:25:44 2000
    # -- sysinstall generated deltas -- # Fri Feb 4 09:25:44 2000
    ifconfig_rl0="inet 84.21.192.150 netmask 255.255.255.0"
    ifconfig_rl1="inet 192.168.1.1 netmask 255.255.0.0"
    defaultrouter="84.21.192.1"
    hostname="ironhost.server.com"
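
Added example, not part of the original post: IPFilter applies `rdr` to an inbound packet before `ipf.rules` is evaluated, so the filter sees the rewritten destination rather than 84.21.192.150. The Python model below runs the posted rl0 rules against a redirected Remote Desktop packet; the `ADJUSTED` rule set and the assumption that the `rdr` rule matches traffic sent to 84.21.192.150 are illustrative and do not come from the post.

```python
# Added example: simplified model of IPFilter's inbound order on rl0
# (ipnat rdr first, then ipf.rules). Addresses and ports are from the post.
from ipaddress import ip_address, ip_network

EXT_IP = "84.21.192.150"    # router's external address (rl0)
RDP_HOST = "192.168.1.2"    # internal Windows box named in the rdr rule

# Inbound TCP rules on rl0 from the posted ipf.rules, as
# (action, quick, destination network, destination port or None for any).
POSTED = [
    ("block", False, "0.0.0.0/0", None),       # block in all
    ("pass", False, EXT_IP + "/32", 22),       # SSH to the router itself
    ("pass", False, EXT_IP + "/32", 3389),     # RDP, written for the pre-NAT address
]
# Assumed adjustment (not from the post): match the post-rdr destination.
ADJUSTED = POSTED[:2] + [("pass", False, RDP_HOST + "/32", 3389)]


def rdr(dst, port):
    """Rewrite the destination as the posted rdr rule intends.

    Assumption: the rule matches packets sent to EXT_IP port 3389.
    """
    if dst == EXT_IP and port == 3389:
        return RDP_HOST, 3389
    return dst, port


def ipf_in(rules, dst, port):
    """ipf evaluation: the last matching rule wins; 'quick' stops at once."""
    verdict = "block"  # placeholder; 'block in all' always matches first
    for action, quick, net, rule_port in rules:
        if ip_address(dst) in ip_network(net) and rule_port in (None, port):
            verdict = action
            if quick:
                break
    return verdict


def inbound(rules, dst, port):
    """Verdict for an inbound TCP packet: rdr is applied before filtering."""
    return ipf_in(rules, *rdr(dst, port))


if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("adjusted", ADJUSTED)):
        print(name, "RDP from outside ->", inbound(rules, EXT_IP, 3389))
```

In `ipf.rules` the adjusted entry corresponds to `pass in on rl0 proto tcp from any to 192.168.1.2 port = 3389 flags S keep state`; replacing `from any` with known client addresses limits who can reach the Remote Desktop port.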

    
    
