
RE: simple IPF and IPNAT but problem between chair and keyboard



Not to flame Billy.  But I would suggest that you man ipnat!!!


Dean Carey

PGP public key available upon request.



-----Original Message-----
From: Billy [mailto:_bil_@mail.ru]
Sent: Tuesday, May 01, 2001 2:54 PM
To: Dean Carey
Cc: wfm@macscan.co.uk; misc@openbsd.org
Subject: Re: simple IPF and IPNAT but problem between chair and keyboard


Tue, 1 May 2001 11:42:32 -0400   Dean Carey <dcarey@dolfin.com> wrote:

> redirects need to be placed before mappings!!!
you are not right
almost all examples give redirs after maps
and my ipnat.conf is working having rdr after map

> 
> try that and post again if no luck! ;-)
>
> 
> 
> Dean Carey
> PGP public key available upon request.
> 
> 
> 
> -----Original Message-----
> From: Will Macdonald [mailto:wfm@macscan.co.uk]
> Sent: Tuesday, May 01, 2001 11:20 AM
> To: misc@openbsd.org
> Subject: simple IPF and IPNAT but problem between chair and keyboard
> 
> 
> I installed the 2.9 snapshot on a machine yesterday, and configured it using
> the same rules I had applied to a 2.8 machine recently, and am having
> serious problems using rdr to send SMTP/www traffic to a machine on the
> internal network.
> 
> I have simplified the rules as much as possible, but no joy. I've also read
> through www.obfuscation.org/ipf without any luck.
> 
> Can someone see what is wrong? I have modified the file sysctl.conf and
> rc.conf accordingly. All traffic behind the NAT machine works OK, but when I
> try to telnet to port 25 from outside I get no response.
> 
> In the ipnat.rules file I tried having the map rules after the rdr rules,
> but no luck either way.
> /etc/ipnat.rules
> map ep0 10.1.1.7/24 -> 123.123.123.123/32 portmap tcp/udp 1025:65000
> map ep0 10.1.1.7/24 -> 123.123.123.123/32
> 
> #map ppp0 10.0.0.0/8 -> ppp0/32 portmap tcp/udp 10000:20000
> rdr ep0 123.123.123.123/32 port 25 -> 10.1.1.1 port 25
> rdr ep0 123.123.123.123/32 port 80 -> 10.1.1.1 port 80
> rdr ep0 123.123.123.123/32 port 110 -> 10.1.1.1 port 110
> rdr ep0 123.123.123.123/32 port 143 -> 10.1.1.1 port 143
> rdr ep0 123.123.123.123/32 port 993 -> 10.1.1.1 port 993
> 
> 
> /etc/ipf.rules
> pass in from any to any
> pass out from any to any
> 
> pass in quick on ep0 proto tcp from any to 123.123.123.123/32 port = 25 keep state
> pass in quick on ep0 proto tcp from any to 123.123.123.123/32 port = 80 keep state
> pass in quick on ep0 proto tcp from any to 123.123.123.123/32 port = 143 keep state
> pass out quick on ep0 proto tcp from any to any keep state