dc0 (external) -J.
On Thu, 2002-10-31 at 16:29, Zafer Dastan wrote: > which interface (dc0 or dc1) contains $server (10.109.10.97/32) ip address ? > > Daniel Hartmeier wrote: > > >On Thu, Oct 31, 2002 at 01:26:36PM -0500, Jason Dixon wrote: > > > > > > > >>nat on $int_if proto tcp from $int_net to $server port 80 -> $int_if > >> > >>/etc/nat.conf:22: syntax error > >>pfctl: syntax error in file: nat rules not loaded > >> > >> > > > >Yes, pf in 3.1 doesn't allow to specify ports in nat rules, that was > >added after 3.1-release... > > > > > > > >>The client appears to connect to the proxy just fine, based on the > >>output of "pfctl -ss", netstat, and tcpdump. However, it appears that > >>the firewall is not translating the destination, as tcpdump on the > >>server shows a source address of 127.0.0.1. > >> > >> > > > >dc1 does have 192.168.1.0 netmask 255.255.255.0 assigned, right? From > >the firewall, you should be able to 'telnet 192.168.1.20 80' and get a > >working connection. If that works, add the inetd.conf line as mentioned > >in the faq. Then, again on the firewall itself, run 'telnet 127.0.0.1 > >80', which should work, too. Then add the rdr as mentioned and telnet to > >the _external_ address of the firewall, port 80, from a local machine. > > > >Daniel > > > > > > > > -- > Kayra.NET Internet ve Bilisim Hizmetleri Ltd. Sti. > Menekse-2 Sokak No:29/15 Kizilay/Ankara 06440 TURKEY > Tel: 312.419.2836 Fax: 312.419.2837 M: 532.548.2830 > http://www.kayra.net > >
