doc correction

[Spring, Jeremy]

Thanks for the reply.  I recently found out that packet filtering (pf) was also enabled on this machine at the same time I was trying to setup nat / ipfw.  I haven't used pf before and am not sure how it would affect a natd / ipfw setup.  Maybe it would be ok to throw this issue out.

-----Original Message-----
From: Lowell Gilbert [mailto:lgusenet at be-well.ilk.org] 
Sent: Tuesday, September 21, 2010 11:53 AM
To: Spring, Jeremy
Cc: freebsd-doc at freebsd.org
Subject: Re: doc correction

Jeremy.Spring at us.lawson.com (Spring, Jeremy) writes:

> I setup nat translation and port forwarding on my FreeBSD 8.1-RELEASE machine.  It took me a while to get this working because I had to find out by trial and error that the interface to forward packets through is NOT the interface connected to the Internet as the documentation suggests, but rather, is the interface connected to my private network.
>
> My final nat command string is:
> /sbin/natd -redirect_port tcp 10.13.55.4:3389 3389 -n em1
>
> where em0 is connected to the Internet, em1 is connected to my private network, and I want to forward incoming RDP traffic destined for my public facing IP to 10.13.55.4.  The documentation suggests that I should be using my Internet facing interface (em0), but this doesn't work.  The documentation I am looking at is at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html.  Please let me know if you have any questions.

No, normally one *would* run natd on the external interface.  It
shouldn't matter a whole lot in the common case of a single internal and
a single external interface, but if you get more interfaces inside, you
really want to have them handled by the same process.

I don't currently have any redirect_port options to play with, but my
tech-support crystal ball tells me that the problem was probably with
how you got the packets chosen to go into natd in the first place.