netbsd-users: Re: inside-in redirects

Subject: Re: inside-in redirects
To: Aaron J. Grier <agrier@poofygoof.com>
From: None <collver1@comcast.net>
List: netbsd-users
Date: 07/01/2003 16:20:34

On Tue, Jul 01, 2003 at 11:49:47AM -0700, Aaron J. Grier wrote:
> On Mon, Jun 30, 2003 at 01:55:24PM -0700, collver1@comcast.net wrote:
> 
> > How about trying the following?
> > 
> > rdr le0 publicIP/32 port 80 -> 10.0.0.6 port 80 tcp
> 
> good guess, but not quite...

Aha, the reason it works for me and not for you is because my web server
is on a third physical segment, and therefore can only respond through
my router.

ep0 = publicIP
ep1 = trustedNET
ep2 = untrustedNET

so in the router's /etc/ipnat.conf

rdr ep0 publicIP/32 port 80 -> 10.0.13.13 port 80
rdr ep1 trustedNET/24 port 80 -> 10.0.13.13 port 80

Ben
-- 
metaphors be with you