ipfw - natd - Port Forwarding
Thomas Dwyer
tom at dwyers.ca
Tue Sep 9 13:23:20 PDT 2003
Hello;
I'm having a problem getting port forwarding working with FreeBSD 4.8.
I have the following options compiled in the kernel:
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=15
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
My ipfw config is:
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
00500 divert 8668 ip from any to any via fxp0
65535 allow ip from any to any
The applicable options I have specified in rc.conf are:
firewall_enable="YES"
gateway_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="fxp0"
natd_flags="-f /etc/natd.conf"
And in the natd.conf file I have:
log yes
interface fxp0
use_sockets yes
same_ports yes
redirect_port tcp 192.168.0.1:27015 27015
The workstation 192.168.0.1 is a Windows 2000 machine. The default gateway is the internal IP address of the firewall which is 192.168.0.254
All internet browsing, tracert, ping etc works from the Windows 2000 machine out to the internet.
I have telnet server running on the windows 2000 machine listening on port 27015. I can telnet to it from another workstation on the LAN as well as from the firewall directly through the LAN interface.
When I try it from an outside source it looks like traffic is arriving at the Windows 2000 machine (the little computer screens for the LAN connection flash on the tray icon) but the connection doesn't complete and it times out.
Help!
Tom
More information about the freebsd-ipfw
mailing list