IPFW Firewall NAT inbound port-redirect
Bill Tillman
btillman99 at yahoo.com
Wed Jul 13 06:05:42 UTC 2011
________________________________
From: Michael Sierchio <kudzu at tenebras.com>
To: Dan Nelson <dnelson at allantgroup.com>
Cc: Bill Tillman <btillman99 at yahoo.com>; freebsd-questions at freebsd.org
Sent: Tue, July 12, 2011 6:35:19 PM
Subject: Re: IPFW Firewall NAT inbound port-redirect
We're not talking about natd. The question was about the use of ipfirewall nat.
On Tue, Jul 12, 2011 at 9:03 AM, Dan Nelson <dnelson at allantgroup.com> wrote:
> In the last episode (Jul 12), Michael Sierchio said:
>> Is there a way of specifying a particular public address if there is
>> more than one bound to the external interface? A la
>>
>> nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22
>>102.10.22.1:2222
>
> Yes; the redirect_port syntax is described in the natd manpage:
>
> redirect_port proto targetIP:targetPORT[-targetPORT]
> [aliasIP:]aliasPORT[-aliasPORT]
> [remoteIP[:remotePORT[-remotePORT]]]
>
>
>
> --
> Dan Nelson
> dnelson at allantgroup.com
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
NATD and IPFW work together. It's a little hard to explain in this format so as
Dan suggests, you should read the manpage on each. Also, do some google searches
and you will find many helpful articles. But take my word for this, you can do
exactly what you want with IPFW+NATD. There are those who will probably promote
PF as the firewall of choice as well. It all depends on what you become familiar
with.
More information about the freebsd-questions
mailing list