Re: NPF NAT Hairpinning

To: netbsd-users%netbsd.org@localhost
Subject: Re: NPF NAT Hairpinning
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 4 Jul 2016 21:10:59 +0000 (UTC)

In article <loom.20160704T175143-43%post.gmane.org@localhost>,
Ryan Brackenbury  <ryan.brackenbury%gmail.com@localhost> wrote:
>Christos Zoulas <christos <at> astron.com> writes:
>
>> 
>> ext_if= your external interface
>> internalwww= the ip address of the internal web server
>> 
>> map $ext_if dynamic $internalwww port 80 <- inet4($ext_if) port 80
>> 
>> 
>
>I had this in my setup already, actually. I played around with testing 
>inet4($ext_if) vs. just $ext_if, both without success. My npf.conf is based 
>off of the soho example in /usr/share/examples/npf/, so I don't think I'm 
>doing anything bizarre that would alter the nat behaviour.

You need to put explicit pass rules to allow that traffic too. Also use
npflog to see what's going on and tcpdump. I know that works; I use it
for a minecraft server and and xbox one.

christos

References:
- NPF NAT Hairpinning
  - From: Ryan Brackenbury
- Re: NPF NAT Hairpinning
  - From: Christos Zoulas
- Re: NPF NAT Hairpinning
  - From: Ryan Brackenbury

Prev by Date: Re: NPF NAT Hairpinning
Next by Date: Any support for Intel Dual Band Wireless-AC 3160 in 7?
Previous by Thread: Re: NPF NAT Hairpinning
Next by Thread: Any support for Intel Dual Band Wireless-AC 3160 in 7?
Indexes:

Home | Main Index | Thread Index | Old Index