ipf/ipnat problem

Efren Bravo efrenba at yahoo.es
Fri Nov 4 19:04:35 GMT 2005


Hi,

Problem with ipf/ipnat.

(PC1: 192.168.80.15)
       \\
 (fbsd vr0 out if: 192.168.80.4) 
         ||           
 (fbsd sis0 in if: 7.96.10.13)
       // 
(Internal LAN: 7.96.10.x)
     //
(PC2: 7.96.10.200 - Telnet running)
(PC3: 7.96.10.201 - Web Srv running)

IPF Rules:
----------
The same as the handbook 25.5.13 Inclusive Rule Set
example, but adjusted to the PC2, PC3 services.

# Allow in SSH from public LAN to fBSD box
pass in quick on vr0 proto tcp from any to any port = 22 flags S keep state

# Allow in Telnet from public LAN to PC2
pass in quick on vr0 proto tcp from any to any port = 23 flags S keep state

# Allow in HTTP from public LAN to PC3
pass in quick on vr0 proto tcp from any to any port = 80 flags S keep state

IPNAT Rules (vr = out if):
--------------------------
map vr0 7.96.10.0/24 -> 192.168.80.4/32
rdr vr0 192.168.80.4/32 port 23 -> 7.96.10.200 port 23
rdr vr0 192.168.80.4/32 port 80 -> 7.96.10.201 port 80


From the internal LAN I have access to any services on the public LAN.
From the public LAN I have access to the fBSD box's ssh but have no access
to the internal telnet or web server.

Nevertheless I get those statistics:
ipfstat -t:
-----------
Source IP          Destination IP  ST  PR  #pkts #bytes       ttl
192.168.80.15,3513 192.168.80.4,22 4/4 tcp   107  12141 119:59:59
192.168.80.15,3512 7.96.10.200,23  2/0 tcp     6    288      2:12
192.168.80.15,3510 7.96.10.201,80  2/0 tcp     6    288      2:00

ipnat -l:
---------
List of active sessions:
RDR 7.96.10.200 23 <- -> 192.168.80.4 23   [192.168.80.15 3512]
RDR 7.96.10.201 80 <- -> 192.168.80.4 80   [192.168.80.15 3510]

What could be happening?

Thanks...


Efren Bravo.
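
One way to read the two listings in the message together, as an added example that is not part of the original post: it parses the posted `ipfstat -t` and `ipnat -l` entries and lists the TCP flows whose state pair still has a 0 half, with the RDR session that matches each one. Reading a 0 half as "no reply tracked yet" is an assumption, taken from the working ssh session showing 4/4; the function names are hypothetical.

```python
import re

# Constructed sample: the post's ipfstat -t / ipnat -l entries, wrapped lines rejoined.
IPFSTAT = """\
192.168.80.15,3513 192.168.80.4,22 4/4 tcp  107 12141 119:59:59
192.168.80.15,3512 7.96.10.200,23  2/0 tcp    6   288      2:12
192.168.80.15,3510 7.96.10.201,80  2/0 tcp    6   288      2:00
"""
IPNAT = """\
RDR 7.96.10.200 23 <- -> 192.168.80.4 23 [192.168.80.15 3512]
RDR 7.96.10.201 80 <- -> 192.168.80.4 80 [192.168.80.15 3510]
"""
STATE_ROW = re.compile(
    r"^(\S+),(\d+)\s+(\S+),(\d+)\s+(\d+)/(\d+)\s+(\w+)\s+(\d+)\s+(\d+)\s+\S+$")
RDR_ROW = re.compile(
    r"^RDR\s+(\S+)\s+(\d+)\s+<-\s+->\s+(\S+)\s+(\d+)\s+\[(\S+)\s+(\d+)\]$")

def parse_states(text):
    """One dict per state-table row; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = STATE_ROW.match(line.strip())
        if m:
            src, sport, dst, dport, fwd, rev, proto, pkts, nbytes = m.groups()
            rows.append({"client": (src, int(sport)), "server": (dst, int(dport)),
                         "st": (int(fwd), int(rev)), "proto": proto,
                         "pkts": int(pkts), "bytes": int(nbytes)})
    return rows

def parse_rdr(text):
    """Map (client, internal server) -> redirected public address and port."""
    sessions = {}
    for line in text.splitlines():
        m = RDR_ROW.match(line.strip())
        if m:
            in_ip, in_port, pub_ip, pub_port, c_ip, c_port = m.groups()
            key = ((c_ip, int(c_port)), (in_ip, int(in_port)))
            sessions[key] = (pub_ip, int(pub_port))
    return sessions

def one_sided_flows(state_text, nat_text):
    """TCP flows with a 0 half in the state pair (assumed: no reply tracked)."""
    nat = parse_rdr(nat_text)
    flagged = []
    for r in parse_states(state_text):
        if r["proto"] == "tcp" and 0 in r["st"]:
            flagged.append({**r, "avg_len": r["bytes"] // max(r["pkts"], 1),
                            "rdr": nat.get((r["client"], r["server"]))})
    return flagged
```

On the posted data this flags the telnet and web flows, each with a matching RDR session and an average of 48 bytes per packet.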


More information about the freebsd-questions mailing list