well you have many options with freebsd. 1. IPNAT using IPFILTER 2. NATD using IPFW 3. FTWK (/usr/ports/security/fwtk or /usr/ports/net/fwtk) This is basiclly a set of proxies.
Lets go with ipfilter. First load the ipfilter module or build a kernel with it installed. kldload ipl will install the module. (Note: you will need to edit /etc/rc.conf to make ipfilter load on start up) man 5 ipnat to get info on how to setup nat rules man 5 ipf for the firewall rules. also there should be some examples in /usr/src/crontrib/ipfilter/rules basiclly it sounds like to need a bi direct nat rule (also known as static nat) it would look something like this. bimap $OUTSIDENIC 192.168.2.1 -> $INTERNETIP I'm assuming 192.168.2.1 is the servers address. You can find many faq on ipfilter from a quick search on google. --- "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > aybe just my pain, but I am perusing everywhere > (http://groups.google.com), also faq's, tutorials > and so on, but I am > not able to get a single reply (maybe I am too > newbie even for the man > pages - I cannot apply it to my question): > > I need to mount a server in a (sort of) dmz, > serving http, pop3 and smtp > for both sides of a firewall (the public and the > private), like this: > > /internet/---/firewall/---> internal lan > (192.168.1.0) > | > |--> /server(s) 192.168.2.0) > > any request to the external ip for any available > service must be > addressed to the 192.168.2.0. Also, any request > from 192.168.1.0 *must* > be addressed to the 192.168.2.0 > > Anybody please can point me out to any document, > tutorial, easy-hands-on > on the subject?? Even RTFM will help, *if* > mentioning the correct > expression which must be searched. > > > sauda��es, > irado furioso com tudo > linux user 179402 > deus � constru�do � imagem e semelhan�a do homem. > Principalmente em seus defeitos. > > por favor, clique aqui: > http://www.thehungersite.com > e aqui tamb�m: http://cf6.uol.com.br/umminuto/ > > ------------------------------------------------------------ > Nettaxi would like to ask for your help in donations > to the RED CROSS today! > http://www.nyredcross.org/donate/ > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls __________________________________________________ Do You Yahoo!? NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
