Subject: Re: Setting up NAT and then a firewall...
To: Sam Carleton <email@example.com>
From: Manuel Bouyer <firstname.lastname@example.org>
Date: 07/22/2001 17:36:46
On Sun, Jul 22, 2001 at 09:52:03AM -0400, Sam Carleton wrote:
> I am under the impression that this is NOT the most ideal place to post
> this email. Considering this question is solely about IP Filter, I
> would think that the IP FIlter mailing list would be ideal. The
> problem, I posted this email there yesterday and had NO replies, nor
> seen anyone post anything else, what so ever. Thus I am turning to you
> all, I hope you don't mind.
> I am setting up my IP FIlter firewall. But I thought I should get NAT
> working the way I want it first.
> I have a cable modem and am assigned an IP via DHCP. I have a server
> behind the firewall that will host a web server, among other things. I
> need incoming requests to port 22,25,80, and 443 on the outside NIC
> (iy0) to be redirected to the respected port on my web server
> (192.168.0.5). With the below ipnat.conf, when I ssh'ed into the
> system, I ended up on the firewall, not the 192.168.0.5 server. At this
> time there is NO ipfilter rules. What am I doing wrong?
Ha, NO ipfilter rules. ipfilter needs to be enabled for NAT to work.
Try 'ipf -E' to test.
You may want to create a dummy /etc/ipf.conf with just
pass in from any to any
and enable ipf in /etc/rc.conf, so that ipf -E will be run at boot.
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr