The FreeBSD Diary


Providing practical examples since 1998

FreeBSD Support
 ipnat port forwarding not working
Author: Marco Raposo 
Date:   14-08-00 12:55

I've posted a question earlier.
I was trying to do a one-to-one mapping. I want an internal machine, referred to as the "Services machine", to receive packets targeted to IP x.x.x.86 while my gateway's external interface has IP x.x.x.84.
The answer was to assign to my external NIC a secondary IP. (THANKS STU)

I've done that and now I'm able to ping my "internal machine" by its assigned "external" IP. In detail, now I ping x.x.x.86, the frame is "captured" by my external interface with IP x.x.x.84 and then forwarded to the right machine. However, a request to any service won't work... it seems that the IP layer is working, but not the TCP/UDP layer.

________________ NATRULES __________________

map rl0 192.168.3.0/24 -> xxx.xxx.xxx.84/32
bimap rl0 192.168.3.10/32 -> xxx.xxx.xxx.86/32
_____________________________________________

I then tried a different approach: I removed the bimap rule and tried to redirect the telnet port from the gateway machine to my internal machine as follows:

________________ NATRULES __________________

map rl0 192.168.3.0/24 -> 195.23.8.84/32

rdr rl0 195.23.8.84/32 port 23 -> 192.168.3.254 port 23 tcp/udp
_____________________________________________

And the problem remains... it seems that I'm getting the redirection done, then I get no answer from the port. This behavior is apparently the same, no TCP/UDP layer forwarding/response.

______________ ipnat -l output __________________

List of active MAP/Redirect filters:
map rl0 192.168.3.0/24 -> 195.23.8.84/32
rdr rl0 195.23.8.84/32 port 23 -> 192.168.3.254 port 23 tcp/udp

List of active sessions:
RDR 192.168.3.254 23 <- -> 195.23.8.84 23 [193.136.238.200 2376]
MAP 192.168.3.31 4246 <- -> 195.23.8.84 20002 [193.136.238.200 22]
_____________________________________________

Any suggestions?
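The `ipnat -l` session list quoted in the post above can be read mechanically to see which remote hosts actually have a redirect session. The following is an added example, not part of the original post: the field names (inside, outside, remote) are this example's own labels for the columns, and the parser only covers the line layout shown in the post.

```python
import re
from collections import namedtuple

# Constructed sample: the ipnat -l output as quoted in the post above.
SAMPLE = """\
List of active MAP/Redirect filters:
map rl0 192.168.3.0/24 -> 195.23.8.84/32
rdr rl0 195.23.8.84/32 port 23 -> 192.168.3.254 port 23 tcp/udp

List of active sessions:
RDR 192.168.3.254 23 <- -> 195.23.8.84 23 [193.136.238.200 2376]
MAP 192.168.3.31 4246 <- -> 195.23.8.84 20002 [193.136.238.200 22]
"""

# Field names are labels chosen for this example, not ipnat terminology.
Session = namedtuple(
    "Session",
    "kind inside_ip inside_port outside_ip outside_port remote_ip remote_port",
)

SESSION_RE = re.compile(
    r"^(MAP|RDR)\s+(\S+)\s+(\d+)\s+<-\s*->\s+(\S+)\s+(\d+)\s+\[(\S+)\s+(\d+)\]$"
)

def parse_sessions(text):
    """Return Session tuples from the 'List of active sessions' part."""
    sessions, in_sessions = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("List of active sessions"):
            in_sessions = True
            continue
        m = SESSION_RE.match(line) if in_sessions else None
        if m is None:
            continue  # rule lines, blanks, or a layout this sketch does not cover
        kind, iip, iport, oip, oport, rip, rport = m.groups()
        sessions.append(
            Session(kind, iip, int(iport), oip, int(oport), rip, int(rport))
        )
    return sessions

def redirects_to(sessions, inside_ip, inside_port):
    """Remote (ip, port) pairs holding an RDR session to one internal service."""
    return [(s.remote_ip, s.remote_port) for s in sessions
            if s.kind == "RDR"
            and (s.inside_ip, s.inside_port) == (inside_ip, inside_port)]

if __name__ == "__main__":
    print(redirects_to(parse_sessions(SAMPLE), "192.168.3.254", 23))
```

On the sample, the one RDR entry shows that a session toward 192.168.3.254 port 23 was created for the remote client, which matches the poster's observation that the redirection itself is taking place.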

 RE: ipnat port forwarding not working
Author: Dan Langille 
Date:   14-08-00 22:13

I think your NAT rules are incorrect. Here are mine:

map ed0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:65000
map ed0 192.168.0.0/24 -> 0.0.0.0/32

Just use 0.0.0.0/32 instead of your public IP. Make sure your NAT rules are before your rdr rules.

As for rdr, they also appear to be incorrect. Here is one of mine:

rdr ed0 192.168.1.1/32 port 80 -> 192.168.0.78 port 80

Note the lack of a mention of protocol.

 RE: ipnat port forwarding not working
Author: Stu 
Date:   17-08-00 13:35

Tend to agree, Dan.

This is a copy of my natrules - doing what you ask, Marco - but mine works fine:

map fxp1 172.22.0.0/16 -> 203.x.x.13/32 portmap tcp/udp 10000:40000
map fxp1 172.22.0.0/16 -> 203.x.x.13/32

bimap fxp1 172.22.0.2/32 -> 203.x.x.16/32

This does NAT and maps private addr 172.22.0.2 to public addr 203.x.x.16.

All protocols work fine on the bimap address.

Stu

