Firewall

Richard Smith rdls at rdls.net
Tue Feb 27 17:00:38 GMT 2001


David Richards wrote:
> 
> OK. I have edited my natd.conf and killed HUP it. When I type in
> http://194.73.89.1:8888 which is mapped to 192.168.1.3:80 I get page can't
> be displayed
> 
> here is my natd.conf
> 
> interface ed0
> same_ports yes
> redirect_port tcp 192.168.1.3:3389 3389
> redirect_port tcp 192.168.1.3:80 8888
> 
> The first redirect line is for Windows terminal services and the
> other one is for a web server that I am playing about with. But none of it works
> :(
> Any other ideas or views?

1) run tcpdump on 194.73.89.1 on both the external interface and the
internal interface to see what's going on.

2) check that 192.168.1.3 can at least get out to the internet

3) check the firewall rules, initially, make them unrestrictive,
temporarily place a `${fwcmd} add pass all from any to any' somewhere
soon after the nat divert rule, so that nat continues to work. When you
get it working with the `pass all' firewall, reinstate your rules, but
remember to include a pass rule for external setup on 194.73.89.1 ports
8888 and 3389.

5) keep an eye on which fw rules are causing you grief with `ipfw show',
watch the counters and the security logfile.

Richard.
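
An added example, not part of the original message: a shell function that reads natd.conf and prints the tcpdump command for each side of the NAT box, as step 1 suggests. The function name and the `INT_IF` / `EXT_IF` placeholders are assumptions; the thread only names `ed0`, which natd.conf gives as the interface natd runs on.

```shell
#!/bin/sh
# Added example: turn natd.conf redirect_port lines into the tcpdump
# commands for step 1, one per side of the NAT box.
# Usage: natd_capture_plan <natd.conf | -> <internal-interface>
# INT_IF below is a placeholder; the thread never names the internal NIC.

natd_capture_plan() {
    awk -v int_if="$2" -v q="'" '
        # tcpdump spells a single port "port N" and a range "portrange N-M"
        function pq(p) { return (p ~ /-/ ? "portrange " : "port ") p }

        $1 == "interface" { ext_if = $2 }

        # redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT
        $1 == "redirect_port" && NF >= 4 {
            if (split($3, t, ":") != 2) next   # skip forms not handled here
            m = split($4, a, ":")
            n++
            # outside: packets still carry the alias port
            outer[n] = $2 (m == 2 ? " and host " a[1] : "") " and " pq(a[m])
            # inside: natd has rewritten them to the target host and port
            inner[n] = $2 " and host " t[1] " and " pq(t[2])
        }

        END {
            if (ext_if == "") ext_if = "EXT_IF"   # interface given via natd -n
            for (i = 1; i <= n; i++) {
                printf "tcpdump -n -i %s %s%s%s\n", ext_if, q, outer[i], q
                printf "tcpdump -n -i %s %s%s%s\n", int_if, q, inner[i], q
            }
        }
    ' "$1"
}

# The natd.conf quoted in the thread, fed on stdin.
natd_capture_plan - INT_IF <<'EOF'
interface ed0
same_ports yes
redirect_port tcp 192.168.1.3:3389 3389
redirect_port tcp 192.168.1.3:80 8888
EOF
```

Packets that show up on the external capture but never on the internal one are being dropped by natd or the firewall rules; packets that reach the inside with no replies coming back point at the server or its route out (step 2).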

More information about the Ukfreebsd mailing list