2009/5/14 Odhiambo ワシントン <odhia...@gmail.com>: > > > On Wed, May 13, 2009 at 9:09 PM, alexus <ale...@gmail.com> wrote: >> >> On Wed, May 13, 2009 at 12:58 PM, alexus <ale...@gmail.com> wrote: >> > i need to redirect bunch of ports, or port-range from outside to my jail >> > >> > # /etc/rc.d/ipnat reload >> > /etc/rc.d/ipnat: DEBUG: checkyesno: ipnat_enable is set to YES. >> > /etc/rc.d/ipnat: DEBUG: run_rc_command: doit: /sbin/ipnat -F -C -f >> > /etc/ipnat.rules >> > 0 entries flushed from NAT table >> > 2 entries flushed from NAT list >> > syntax error error at "port-range", line 8 >> > # grep port-range /etc/ipnat.rules >> > rdr bce0 0/0 port-range 49152:65534 -> lama port-range 49152:65534 tcp >> > # >> > >> > >> > >> > -- >> > http://alexus.org/ >> > >> >> that rule is wrong to begin with as rdr doesn't work with ranges, i >> guess I need to use something else.. >> >> anyone done something like that? use ipnat to map range of ports? this >> is for ftp PASV > > > Looks like it's time to convert your rules into PF then start using PF. > > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254733744121/+254722743223 > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > "Clothes make the man. Naked people have little or no influence on > society." > -- Mark Twain >
i'm pretty sure people have asked that in the past but i guess whats the pros and cons one vs another, we have 3 candidates ipfw - FreeBSD ipf pf - OpenBSD and why not all of 'em at once?:) bit a hassle to maintane but it seems like ipf can't do what i need, yet pf can ipfw i can limit traffic i dont know if ipf or pf can .. it seems like they all have something that the other can't -- http://alexus.org/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
