Hi,

My brain feels a little fuzzy right now and I need to have this working
a few hours ago.

I need to connect to some vnc servers behind a natd/ipfw machine. The
setup is:

me(10.10.10.10)-~-rl0(20.20.20.20) nat/ipfw rl1(192.168.0.1)--(192.168.0.4)vnc

On the nat/ipfw machine here's an excerpt from ipfw rules:
01350     14      728 allow log tcp from 10.10.10.10 to me dst-port 5900-5999 keep-state
01500  65005 34232225 divert 8668 ip from any to any via rl0
1550    429   163094 allow log tcp from any to 192.168.0.4

And here's the nat config file:
 # cat /etc/natd.conf
interface rl0
redirect_port tcp 192.168.0.4:5900-5999 5900-5999
redirect_port udp 192.168.0.4:5900-5999 5900-5999
use_sockets
same_ports
unregistered_only
log
log_denied
log_ipfw_denied

But the packets are not redirected:

kernel: ipfw: 1350 Accept TCP 10.10.10.10:64010 82.76.1.117:5900 in via rl0
kernel: Connection attempt to TCP 20.20.20.20:5900 from 10.10.10.10:64010 flags:0x02
kernel: ipfw: 1350 Accept TCP 20.20.20.20:5900 10.10.10.10:64010 out via rl0


Telnetting from the nat/ipfw machine to 192.168.0.4 connects to the vnc server.

What am I doing wrong?


Thanks,

-- 
IOnut
Unregistered ;) FreeBSD "user"
5.3-BETA4 - try `sysctl debug.witness_watch=0`
and prepare to fly :-)
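
Added example, not part of the original post: a simplified Python model of in-order, first-match ipfw evaluation over the three rules quoted above, showing which rule the logged SYN reaches first. The matcher, the packet dictionaries and the assignment of 20.20.20.20 and 192.168.0.1 to "me" are assumptions built from the post's diagram; it does not model keep-state or natd itself.

```python
# Simplified model of ipfw rule evaluation: rules are checked in numeric
# order and the first match decides what happens to the packet on this pass.
ME = {"20.20.20.20", "192.168.0.1"}  # rl0 and rl1 addresses from the post

# (number, action, proto, src, dst, dst-port range or None, "via" iface or None)
RULES = [
    (1350, "allow", "tcp", "10.10.10.10", "me", (5900, 5999), None),
    (1500, "divert 8668", "ip", "any", "any", None, "rl0"),
    (1550, "allow", "tcp", "any", "192.168.0.4", None, None),
]

def addr_matches(pattern, addr):
    if pattern == "any":
        return True
    if pattern == "me":
        return addr in ME
    return pattern == addr

def first_match(rules, pkt):
    """Return (rule number, action) of the first rule matching pkt, or None."""
    for num, action, proto, src, dst, ports, iface in sorted(rules, key=lambda r: r[0]):
        if proto != "ip" and proto != pkt["proto"]:
            continue
        if not (addr_matches(src, pkt["src"]) and addr_matches(dst, pkt["dst"])):
            continue
        if ports and not ports[0] <= pkt["dport"] <= ports[1]:
            continue
        if iface and iface != pkt["via"]:
            continue
        return num, action
    return None

# Constructed packet: the inbound SYN from the post's log, using the diagram's addresses.
SYN = {"proto": "tcp", "src": "10.10.10.10", "dst": "20.20.20.20", "dport": 5900, "via": "rl0"}
# Constructed packet: the same SYN as it leaves on rl1 once translated to the VNC host.
TRANSLATED = {**SYN, "dst": "192.168.0.4", "via": "rl1"}

if __name__ == "__main__":
    print(first_match(RULES, SYN))         # rule 1350 is hit before the divert rule
    print(first_match(RULES[1:], SYN))     # without 1350 the packet reaches divert
    print(first_match(RULES, TRANSLATED))  # translated packet is allowed by 1550
```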