Subject: Re: IPNat, IPF, and webservers...
To: David Woyciesjes <DAW@yalepress3.unipress.yale.edu>
From: Mike Pelley <firstname.lastname@example.org>
Date: 10/20/2000 14:46:27

I haven't looked at the stuff at dubbele.com but here are some thoughts.

> Now, all I want is to allow http (port 80) traffic thru to machine
> rdr ppp0 0/32 port 80 -> 10.10.10.10 port 80 tcp

One thing to check - the default gateway for 10.10.10.10 must be the NetBSD
machine so ipnat can rewrite the reply packets. I imagine you would have
set it that way but maybe not.

> BTW, aren't there commands to renew the ipf and ipnat rules w/o rebooting?

To renew ipnat rules without disconnecting current sessions you can use
"ipnat -C -f /etc/ipnat.conf", and to renew ipfilter rules you can use
"ipf -Fa -f /etc/ipf.conf".