Subject: Re: no success getting ipnat working under 1.3.2
To: Michael Begley (Volt Computer) (Exchange) <a-mbeg@Exchange.Microsoft.com>
From: Marc Ackley <mackley@tht.net>
List: port-i386
Date: 08/14/1998 16:10:22

On Fri, 14 Aug 1998, Michael Begley (Volt Computer) (Exchange) wrote:

> hiya...I'm having no success getting ipnat working at all under 1.3.2.  I
> have a machine with two net cards, we0 to the outside network, and ec0 to
> the inside network, which is IP'd as 192.168.69.*.  I'm running the GENERIC
> kernel, which according to the conf file does have ipfilters compiled in.

	Well, I tried to do this as well. Unfortunately I need to turn on
ipfilter=YES and have a blank /etc/ipf.conf file to get it to work.

> 
> I set up a simple rule, just to play around & learn, that I believe should
> redirect all connections to port 2000 to port 23 of another machine.  the
> rule I used is:
> 
> rdr we0 0.0.0.0/0 port 2000 -> 206.191.178.69 port 23

	If you go to /usr/share/examples/ipf there is a sample that
might help you. I never tried the rdr command; I used map to let local
machines get out to the internet.


> 
> However, connections to port 2000 are not routed to port 23 of this other
> machine.  the connection eventually times out.
> 
> if, while this connection is still waiting to time out, I do an ipnat -l on
> the gateway machine, I see the following:
> 
> gateway# ipnat -l
> List of active MAP/Redirect filters:
> rdr we0 0.0.0.0/0 port 2000 -> 206.191.178.69 port 23 tcp
> 
> List of active sessions:
> RDR 206.191.178.69  23    <- -> 206.191.178.70  2000  [206.191.178.69 2903]
> 114 0 f845
> 
> (in this case I telnetted from the machine that I was trying to be
> redirected back to)
> 
> so apparently it's *trying* to make the connection, but cannot.  Is there
> something really basic I'm missing here?
>