Subject: Re: The NAT solution
To: Frank Volf <volf@oasis.IAEhv.nl>
From: Sam Carleton <firstname.lastname@example.org>
Date: 07/23/2001 10:35:05
Frank Volf wrote:
> Cy Schubert - ITSD Open Systems Group wrote:
> > In message <3B5B49DC.2606DAA8@miltonstreet.com>, Sam Carleton writes:
> > > If you where not following along with the problem I had, the rdr rules
> > > in my nat file where not working. Someone send me a private email that
> > > resolved the problem. I had:
> > >
> > > rdr iy0 0/32 port 443 -> 192.168.0.x port ??? tcp
> > >
> > > But 0/32 is not valid in a rdr, I had to use the real ip address. Now I
> > > simply need to write a script that will update the nat table every time
> > > my IP changes...
> > >
> > > I am off to do some dhclient_script hacking!
> > You don't need to hack anything. Here is an example from one of the
> > firewalls I manage.
> > rdr xl0 0/0 port 25 -> 10.1.2.3 port 25 tcp
> Yeah.. but this redirects all incoming traffic with destination port 25 to
> another box. That is something different from what Sam tries to achieve
> namely, redirecting traffic to the DHCP assigned IP address of the external
> interface of his firewall to another host.
Frank, what I am trying to do is redirect everything coming into my firewall to
another machine behind the firewall. Using 0/0 solved my problem. Thanks!