Hello, I have a small home LAN with a FreeBSD 6 machine as the router. I got NAT to work, otherwise I wouldn't be posting this. But I can't get port redirection to work.
I want to redirect aMule's ports (4662 TCP, 4665 UDP and 4672 UDP) to `arlon' 192.168.1.2 on the LAN, so my /etc/ipnat.rules looks like:

    map tun0 192.168.1.0/24 -> 0/32
    rdr tun0 0/32 port 4662 -> 192.168.1.2 port 4662
    rdr tun0 0/32 port 4665 -> 192.168.1.2 port 4665 udp
    rdr tun0 0/32 port 4672 -> 192.168.1.2 port 4672 udp

Then I find out that incoming NAT happens before filtering, so I add pretty liberal pass lines to my /etc/ipf.rules.script, which now looks like:

    #!/bin/sh

    # create the rules
    iif=rl0
    iip=192.168.1.1
    inet=192.168.1.0/24
    eif=tun0
    eip=$1
    arlon=192.168.1.2

    cat > /etc/ipf.rules << EOF
    # loopback
    pass in quick on lo0 all
    pass out quick on lo0 all

    # internal interface
    pass in quick on $iif from $inet to any
    pass out quick on $iif from any to $inet

    # out on eif
    pass out quick on $eif from $eip to any keep state

    # outgoing nat is done *after* filtering
    pass out quick on $eif from $inet to any keep state

    # http
    pass in quick on $eif proto tcp from any to $eip port=80 flags S keep state

    # ssh
    pass in quick on $eif proto tcp from any to $eip port=22 flags S keep state

    # arlon's amule
    pass in quick on $eif proto tcp from any to any port=4662
    pass in quick on $eif proto udp from any to any port=4665
    pass in quick on $eif proto udp from any to any port=4672

    # everything else blocked
    block in quick all
    block out quick all
    EOF

    # restart ipf
    /etc/rc.d/ipfilter restart
    /etc/rc.d/ipnat restart

No luck. Ideas?

Thanks!
Artom
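Added example, not part of Artom's post: because IPFilter applies rdr before the inbound filter, the filter sees the translated destination, so each pass rule can name the LAN host instead of `to any`. The sh functions below derive such rules from the rdr lines quoted in the post; the function names are hypothetical, and treating a missing protocol as tcp is an assumption.

```sh
#!/bin/sh
# Added example (not from the original post): derive narrow ipf pass rules
# from ipnat rdr rules of the form used in the post:
#   rdr IF ADDR port N -> TARGET port M [tcp|udp|tcp/udp]

emit_pass() {  # $1=interface $2=proto $3=target host $4=target port
    case "$2" in
        tcp) echo "pass in quick on $1 proto tcp from any to $3 port=$4 flags S keep state" ;;
        udp) echo "pass in quick on $1 proto udp from any to $3 port=$4 keep state" ;;
    esac
}

rdr_to_pass() {  # stdin: ipnat rules, stdout: one or two pass rules per rdr line
    while read -r kw ifc dst p1 dport arrow target p2 tport proto rest; do
        [ "$kw" = "rdr" ] || continue      # skip map lines, comments, blanks
        if [ "$p1" != "port" ] || [ "$arrow" != "->" ] || [ "$p2" != "port" ]; then
            echo "unsupported rdr form on $ifc, skipped" >&2
            continue
        fi
        case "${proto:-tcp}" in            # assumption: no protocol means tcp
            tcp) emit_pass "$ifc" tcp "$target" "$tport" ;;
            udp) emit_pass "$ifc" udp "$target" "$tport" ;;
            tcp/udp) emit_pass "$ifc" tcp "$target" "$tport"
                     emit_pass "$ifc" udp "$target" "$tport" ;;
            *) echo "unknown protocol: $proto" >&2 ;;
        esac
    done
}

# Constructed sample input: the ipnat.rules quoted in the post.
sample_rules() {
    cat << 'EOF'
map tun0 192.168.1.0/24 -> 0/32
rdr tun0 0/32 port 4662 -> 192.168.1.2 port 4662
rdr tun0 0/32 port 4665 -> 192.168.1.2 port 4665 udp
rdr tun0 0/32 port 4672 -> 192.168.1.2 port 4672 udp
EOF
}

sample_rules | rdr_to_pass
```

The generated lines match on the post-NAT address 192.168.1.2, so they pass only traffic that an rdr rule actually translated.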
