On Mon, May 11, 1998 at 10:37:11PM +0930, Ian Dall wrote:

> I have a headless machine as a gateway and I wish to redirect X traffic
> to an Xterm (well a Sun3 with Xkernel).

rdr *does* work - I'm using it with our IPNAT in my current setup. I'm
not sure why your setup is failing... The only real difference I see in
our setups is what I'm saying to redirect.

Yours:

> rdr ppp0 131.185.44.51/32 port X0 -> 10.0.0.2 port X0
> rdr lo0 127.0.0.1/32 port X0 -> 10.0.0.2 port X0
> rdr lo0 10.0.0.1/32 port X0 -> 10.0.0.2 port X0

Mine:

map ppp0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:65000
map ppp0 10.0.0.0/24 -> 0.0.0.0/32
rdr ppp0 0.0.0.0/0 port www -> 10.0.0.5 port www

Do you need to redirect your loopback, incidentally? I don't see how that
could cause problems, though.

Maybe you could try cutting down what you're doing? Try an rdr line like
mine, for instance, without the loopback lines and without specifying a
particular address. (You'll need to test this by doing Xishness from some-
where else, so it's coming through ppp0, but whatever...)

Wait... Doh! You're not doing any mapping! Your redirect filter is going
to pass stuff through, but without mapping your inside machine can't reply -
at least, that's my understanding. Does that seem to apply here?

> Whereas if I say try and telnet to port 6001, I get an immediate
> "Unable to connect to remote host: Connection refused".

Right... That's not being mapped *or* redirected, so it fails if there's
nothing servicing the port on the gateway machine itself.

Tell me how it goes! If my concepts aren't confused, then adding in the
map rule(s) will fix you.

Caveat: I'm using 1.3.x on my machines, so there may be something different
with -current.

-- 
Mason Loring Bliss...mason@acheron.middleboro.ma.us...www.webtrek.com/mason
"In the drowsy dark cave of the mind dreams build their nest with fragments
 dropped from day's caravan."--Rabindranath Tagore...awake ? sleep : dream;