----- Original Message ----- From: "Tech Support" <[EMAIL PROTECTED]> To: "freebsd-questions" <[EMAIL PROTECTED]> Sent: Tuesday, October 07, 2003 1:14 PM
> Background > > I am currently running freeBSD 4.8 on a box as > a) a gateway for the house for internet access on dialup permanant IP ... > i ) port Sentry Is this your firewall? > I need to run a couple of programs inside the lan where ports are > directed to them from outside the lan eg all the above services are > located on the Bsd box ( 192.168.x.x ) and i need to direct port 5060 > to 192.168.0.7 ( for arguments sake ) ... > a) is this overkill ( is there an EASIER way to do what I want ( port > redirecting ) ( bearing in mind that although the lights are on in the > attic they are at times low wattage :-) ) > > b ) WHAT do I need to change on my BSD box ( rc.conf etc ) to make it > work the way described ? Remembering that this is only temporary . If you use ipfw that's available with the base system (you have to add an option to your kernel config to enable), then you get a very configurable firewall with the ability to port forward. If all you wanted to do is forward traffic on a few ports and leave everything else wide open, your rule set would be as simple as: ipfw add fwd 192.168.0.7 from any 5060 to me ipfw add allow from any to any Of course I recommend that you do not leave your system wide open but if Port Sentry is already filtering your traffic to your liking, you can just use the forwarding feature of ipfw. See man ipfw and the handbook for more info. Note: The above assumes that ipfw sees a dial-up interface just like any other network interface. I've never used dial-up but have had no problems using ipfw to forward packets with regular Ethernet interfaces. YMMV. HTH, Drew _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"