NAT Question

jhall at jhall at
Thu Oct 11 15:02:27 PDT 2007

I have a question regarding ipf and ipnat.  I have a firewall with two
public IP addresses.  One of the IP addresses is for incoming Internet
traffic only and the other is for incoming e-mail.  I'm not sure why my
ISP has done this, but they have.

In other words, all incoming http traffic (port 80) will be going to the
address and all incoming smtp traffic (port 25) will be going to   The internal address of the firewall is

The webserver has an internal address of and a default
gateway of (the firewall).

If I use rdr on an incoming connection, will responses exit the network
on the same interface they entered the firewall on?

Following are the rules I would use.

rdr em1 port 80 -> port 80 tcp

pass in on em1 from any to port = 80 keep state
pass out on em1 from port = 80 to any keep state

Does this solution make sense, or is there a better way to accomplish the
same thing?

Thanks for your help.


More information about the freebsd-questions mailing list