Subject: Setting up NAT and then a firewall...
To: NetBSD Tech-Security <firstname.lastname@example.org>
From: Sam Carleton <email@example.com>
Date: 07/22/2001 09:52:03
I am under the impression that this is NOT the most ideal place to post
this email. Considering this question is solely about IP Filter, I
would think that the IP Filter mailing list would be ideal. The
problem is, I posted this email there yesterday and had NO replies, nor
seen anyone post anything else whatsoever. Thus I am turning to you
all, I hope you don't mind.
I am setting up my IP Filter firewall. But I thought I should get NAT
working the way I want it first.
I have a cable modem and am assigned an IP via DHCP. I have a server
behind the firewall that will host a web server, among other things. I
need incoming requests to port 22,25,80, and 443 on the outside NIC
(iy0) to be redirected to the respective port on my web server
(192.168.0.5). With the below ipnat.conf, when I ssh'ed into the
system, I ended up on the firewall, not the 192.168.0.5 server. At this
time there are NO ipfilter rules. What am I doing wrong?

map iy0 192.168.0.1/24 -> 0/32 proxy port ftp ftp/tcp
map iy0 192.168.0.1/24 -> 0/32 portmap tcp/udp 40000:60000
map iy0 192.168.0.1/24 -> 0/32
rdr iy0 0/32 port 22 -> 192.168.0.5 port 22
rdr iy0 0/32 port 25 -> 192.168.0.5 port 25
rdr iy0 0/32 port 80 -> 192.168.0.5 port 80
rdr iy0 0/32 port 443 -> 192.168.0.5 port 443

I have also tried replacing the 0/32 in the rdr commands with