ipnat port-range

Patrick Lamaizière patfbsd at davenulle.org
Sun May 17 21:05:46 UTC 2009


On Sun, 17 May 2009 16:16:51 -0400,
alexus <alexus at gmail.com> wrote:

> I don't see how things are obvious for you as they are not so obvious for
> me. First of all, my ipf default policy is to allow everything.
> 
> So the original question is for ipnat and not for ipf.
> 
> Now for non-passive (active) I put in these rules:
> 
> rdr bce0 0/0 port ftp-data -> lama port ftp-data tcp
> rdr bce0 0/0 port ftp -> lama port ftp tcp
> 
> And for pasv I still don't know what to do.
> 
> I've tried
> 
> rdr bce0 0/0 port 49152-65534 -> lama port 65534
> 
> and in my ftp I said that this is the range for pasv connections

I don't think there is a way to redirect a port range to a port
range with ipnat. For my ftp server I redirect each port (I use 30000
to 30039 for FTP) with a rule:
rdr vr0 0.0.0.0/0 port 21 -> 192.168.1.4 port 21
rdr vr0 0.0.0.0/0 port 30000 -> 192.168.1.4 port 30000
rdr vr0 0.0.0.0/0 port 30001 -> 192.168.1.4 port 30001
...
rdr vr0 0.0.0.0/0 port 30038 -> 192.168.1.4 port 30038
rdr vr0 0.0.0.0/0 port 30039 -> 192.168.1.4 port 30039

For ipnat see
http://www.westworks.ch/~chris/netbsd/NetBSD-NAT-FTP-server.html

Regards.
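
The per-port approach described in the reply above can be generated rather than typed by hand. This is an added example, not part of the original message: the function names `is_port` and `gen_rdr_rules` are hypothetical, the rule format, interface, address and port range are the ones shown in the reply, and the FTP server's passive range is assumed to be configured to the same bounds so that no extra ports are redirected.

```shell
#!/bin/sh
# Added example: emit one ipnat rdr rule per port, in the rule format
# shown in the message. is_port and gen_rdr_rules are hypothetical names.

# Succeeds only for a decimal integer in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rdr_rules IFACE TARGET FIRST LAST
# Prints the control-port rule (21) followed by one rule per passive port.
# Rejects reversed or out-of-range bounds so a typo cannot silently
# produce an empty or oversized rule set.
gen_rdr_rules() {
    iface=$1 target=$2 first=$3 last=$4
    if [ -z "$iface" ] || [ -z "$target" ]; then
        echo "usage: gen_rdr_rules iface target first last" >&2
        return 2
    fi
    if ! is_port "$first" || ! is_port "$last" || [ "$first" -gt "$last" ]; then
        echo "invalid port range: $first-$last" >&2
        return 1
    fi
    echo "rdr $iface 0.0.0.0/0 port 21 -> $target port 21"
    port=$first
    while [ "$port" -le "$last" ]; do
        echo "rdr $iface 0.0.0.0/0 port $port -> $target port $port"
        port=$((port + 1))
    done
}

# Values taken from the message: interface vr0, server 192.168.1.4,
# passive ports 30000 to 30039.
gen_rdr_rules vr0 192.168.1.4 30000 30039
```

Redirect the output into the NAT rules file and review it before loading.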

