gateway machine port redirect question
Warren Block
wblock at wonkity.com
Tue Feb 23 13:25:18 UTC 2016
On Mon, 22 Feb 2016, Julian Elischer wrote:
> I believe the problem is as follows:
>
> There are two machines inside the NAT'd LAN, A and B (local addresses).
> The NAT machine is X on the outside and Y on the inside.
> B is also visible to the outside world as the NAT'd address C (which may or
> may not be the same as X).
>
> A wants to be able to send a request to address C and have it bounce back to
> B, (with a source address of Y).
> The reply to Y should in turn be bounced back to A.
>
> This is quite complicated, and while I am sure we could work out how it
> should be done, I can't just rattle off an answer. It probably requires
> two instances of NAT: a regular NAT on the external interface, and a
> reverse NAT on the inside interface, triggering on outgoing packets,
> turning them around.

Um... I think that is effectively what those few lines of PF I posted
do. Granted, it is probably a lot easier with PF.

There is a server inside my LAN. I needed to access it by its outside
address regardless of whether the client was inside or outside. And the
excerpts I posted earlier work. It is actually just three things in
addition to the standard gateway NAT:

1. The NAT for the LAN to the inside server
2. The redirect from the LAN to the inside server
3. The redirect from the outside to the inside server
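
The three items listed above, sketched as a pf.conf fragment in FreeBSD's PF syntax. This is an added example, not the rules posted in the thread; the interface names, addresses and port are assumptions.

```pf
# Added example: every macro value below is an assumed placeholder.
ext_if   = "em0"              # outside interface (address X in the thread)
int_if   = "em1"              # inside interface (address Y in the thread)
lan_net  = "192.168.1.0/24"   # the NAT'd LAN (client A lives here)
server   = "192.168.1.10"     # inside server (B in the thread)
svc_port = "80"               # service reached through the outside address

# Standard gateway NAT: LAN traffic leaving through the outside interface.
nat on $ext_if from $lan_net to any -> ($ext_if)

# 1. NAT for the LAN to the inside server.
#    Packets from LAN clients that were redirected to the server leave
#    $int_if with the gateway's inside address as source, so the server
#    replies to the gateway instead of answering the client directly
#    (a direct reply would not match the connection the client opened).
nat on $int_if proto tcp from $lan_net to $server port $svc_port -> ($int_if)

# 2. Redirect from the LAN to the inside server.
#    LAN clients connecting to the outside address are turned around.
rdr on $int_if proto tcp from $lan_net to ($ext_if) port $svc_port -> $server

# 3. Redirect from the outside to the inside server.
rdr on $ext_if proto tcp from any to ($ext_if) port $svc_port -> $server

# Translation is applied before filtering, so any pass/block rules for this
# service must match the server's inside address, not the outside one.
# Because of rule 1, the server's logs show the gateway's inside address
# for every LAN client; per-client attribution then has to come from the
# gateway's PF state table or logs.
```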