Help with ipfw please
Igor V. Ruzanov
igorr at canmos.ru
Tue Dec 22 16:55:05 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 22 Dec 2009, Коньков Евгений wrote:
|Здравствуйте, Tiago.
|
|Вы писали 22 декабря 2009 г., 14:59:50:
|
|T> Im trying to add a basic rule in my ipfw.
|T> My server has 2 network address, one for external access (x.x.x.x) and other
|T> for the local network(y.y.y.y).
|T> The mysql is binded to the local network, but I would like to allow my home
|T> computer (z.z.z.z) to connect to the mysql by the external ip.
|T> so basicaly im trying to do is: if request comes from z.z.z.z to
|T> y.y.y.y:3306 redirect to x.x.x.x:3306
|T> I tryed some configuration but I ended locked outside the machine...
|
|You need -redirect_port
|man natd:
Also it could be done at kernel-level with ipnat. Simple rule doing
something like DNAT looks like (/etc/ipnat.conf):
rdr <input_if_name> z.z.z.z port 3306 -> x.x.x.x port 3306 tcp
After when /etc/ipnat.conf is prepared, say ipnat -f /etc/ipnat.conf and
see active sessions with ipnat -l.
Good luck.
+-------------------------------------------+
! CANMOS ISP Network !
+-------------------------------------------+
! Best regards !
! Igor V. Ruzanov, network operational staff!
! e-Mail: igorr at canmos.ru !
+-------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQFLMPnnbt6QiUlK9twRAi2SAJ9FW9gdsHFBM6ZVrZhuIrPur7jdXACff/7z
qe3vBcSjtevHsD5wKaJRVSg=
=BIyk
-----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list