vnc and nat
Ion-Mihai Tetcu
itetcu at apropo.ro
Thu Sep 23 08:24:52 PDT 2004
Hi,
My brain feels a little fuzzy right now and I need to have this working
a few hours ago.
I need to connect to some vnc servers behind a natd/ipfw machine. The
setup is:
me(10.10.10.10)-~-rl0(20.20.20.20) nat/ipfw rl1(192.168.0.1)--(192.168.0.4)vnc
On the nat/ipfw machine here's an excerpt from ipfw rules:
01350 14 728 allow log tcp from 10.10.10.10 to me dst-port 5900-5999 keep-state
01500 65005 34232225 divert 8668 ip from any to any via rl0
1550 429 163094 allow log tcp from any to 192.168.0.4
And here's the nat config file:
# cat /etc/natd.conf
interface rl0
redirect_port tcp 192.168.0.4:5900-5999 5900-5999
redirect_port udp 192.168.0.4:5900-5999 5900-5999
use_sockets
same_ports
unregistered_only
log
log_denied
log_ipfw_denied
But the packets are not redirected:
kernel: ipfw: 1350 Accept TCP 10.10.10.10:64010 82.76.1.117:5900 in via rl0
kernel: Connection attempt to TCP 20.20.20.20:5900 from 10.10.10.10:64010 flags:0x02
kernel: ipfw: 1350 Accept TCP 20.20.20.20:5900 10.10.10.10:64010 out via rl0
Telnetting from nat/ipfw machine to 192.168.0.4 connects to the vnc server.
What am I doing wrong?
Thanks,
--
IOnut
Unregistered ;) FreeBSD "user"
5.3-BETA4 - try `sysctl debug.witness_watch=0`
and prepare to fly :-)
More information about the freebsd-questions
mailing list
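
Added example, not part of the original message: a small model of ipfw's first-match rule search and natd's redirect_port, run over the three rules and the SYN from the log above. It shows which rule ends the search for that packet in the posted order, and in a constructed variant where the rule 1350 match is renumbered to come after the divert rule. Assumptions: "to me" is modelled as the rl0 address, a diverted packet resumes at the rule after the divert rule, and the names Packet, natd, evaluate and renumbered_rules are hypothetical.

```python
# Added illustration: simplified model of ipfw first-match evaluation and
# natd redirect_port. Addresses and rule numbers come from the post; the
# model and the renumbered ruleset are constructed assumptions.
from dataclasses import dataclass, replace

NAT_IP, VNC_HOST, CLIENT = "20.20.20.20", "192.168.0.4", "10.10.10.10"

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    iface: str

def natd(pkt):
    """Model of: redirect_port tcp 192.168.0.4:5900-5999 5900-5999"""
    if pkt.dst == NAT_IP and 5900 <= pkt.dport <= 5999:
        return replace(pkt, dst=VNC_HOST)
    return pkt

def posted_rules():
    """The three rules from the post as (number, action, match)."""
    return [
        (1350, "allow", lambda p: p.src == CLIENT and p.dst == NAT_IP
                                  and 5900 <= p.dport <= 5999),  # "to me"
        (1500, "divert", lambda p: p.iface == "rl0"),
        (1550, "allow", lambda p: p.dst == VNC_HOST),
    ]

def evaluate(rules, pkt):
    """Walk rules in numeric order; return (rules hit, final packet, verdict)."""
    hit = []
    for num, action, match in sorted(rules, key=lambda r: r[0]):
        if not match(pkt):
            continue
        hit.append(num)
        if action == "divert":
            pkt = natd(pkt)  # natd reinjects; search resumes at the next rule
            continue
        return hit, pkt, action  # allow ends the search
    return hit, pkt, "default"

def renumbered_rules():
    """Constructed variant: the rule 1350 match moved after the divert rule."""
    return [(1600 if n == 1350 else n, a, m) for n, a, m in posted_rules()]

if __name__ == "__main__":
    syn = Packet(CLIENT, NAT_IP, 5900, "rl0")  # constructed from the log lines
    for name, rules in (("posted", posted_rules()), ("renumbered", renumbered_rules())):
        hit, pkt, verdict = evaluate(rules, syn)
        print(f"{name}: rules hit {hit}, verdict {verdict}, delivered to {pkt.dst}")
```

In the posted order the model stops at rule 1350 with the destination still 20.20.20.20, which matches the "ipfw: 1350 Accept" and "Connection attempt to TCP 20.20.20.20:5900" log lines.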