Subject: ipnat problem - more info
To: None <netbsd-help@netbsd.org>
From: None <madhombre@yahoo.com>
List: netbsd-help
Date: 01/04/2002 13:30:37
Once again I apologize, you guys love the details
don't ya! *g*

ok this is the way I have my system set up

complete and precise

A - netbsd 1.5.2, gateway for other machines as well
as good stuff like a firewall dhcp and dns. Also
qmail.
bubba.iosys.net 192.168.1.1

B - redhat 7.0 , web server, ftp server
rachet.iosys.net 192.168.1.4

various clients
roamer 192.168.1.5, chopper 192.168.1.2 and punky
192.168.1.3


bubba has a cable modem connection which is
dynamically created from the modem, 66.168.?.?,
interface is tlp1

also had a dial up modem which has a static ip of
216.127.193.160, jons.dotnet.com, interface is ppp0

also has tlp0 as the local network interface

The problem is the mail server which runs on bubba,
this I need to send out AND receive info on the ppp0
interface.

ALL other outbound data should be passed through the
tlp1 interface, and all local network traffic on the
tlp0 interface.

Inbound is easier except for the fact that I need
rules to transfer the ppp0 connections on ports 80 and
21 to the web server rachet. These are fine.

The rest of the inbound are not really a problem,
except for the fact that they are not allowed right
now!

So there should be no inbound traffic through the
cable modem, but this is a firewall issue.

bubba is always the gateway, I did have map commands
to act as the gateway but this was a full 2 way, no
routing gateway which is not what I need.

I have map commands to allow ALL outbound to tlp1, so
I need a command to allow me to redirect the port 25
requests to go to ppp0 but leave everything else as
tlp1.

Then what I can do is put back the command for the
gateway to allow the ppp0 inbound and outbound BUT
only port 25 will go to ppp0.

So what are these commands??? I know how to redirect
because I do this for my ports 80/21.

But what do I need to redirect the outbound data to
the desired interface depending on port?

It is probably very simple.

I saw a comment about the examples, but like I said I
don't fully understand what everything does and the
documentation is very good, so I don't know the theory
about implementing what I need to do!

I don't have access to my ipnat file right now because
I am at work, but I don't think you need it.

Remember ip address is not a problem, the only
outbound distinction is port.

Thanks!
