help with webcam through natd + ipfw
Folks,

I've done port-forwarding before on several different FW/NAT devices, but damned if I can get it going on FreeBSD. At first I tried with PPP's builtin NAT, and when that failed I switched to natd. I did google searches and even searched the FreeBSD list archives but did not find any help.

/etc/natd.conf looks like this (private IP removed) :

    interface tun0
    port 8668
    use_sockets yes
    dynamic yes
    redirect_port tcp MY_PRIVATE_IP:8080 8080

/etc/rc.conf has this :

    firewall_type=SIMPLE
    firewall_enable=YES
    firewall_script=/etc/rc.firewall
    firewall_quiet=NO
    natd_enable=YES
    natd_program=/sbin/natd
    natd_interface=tun0
    natd_flags=-f /etc/natd.conf

My firewall does not have much changed from the SIMPLE template. I allow a few incoming connections including ports 80, 443, 53, 110 and the port I want to forward back to my webcam : 8080.

nat itself works fine (machines behind the FW can surf and such) but the port forwarding is not working. I tried adding a rule 50 to allow everything on the ipfw, and that didn't work. Then I thought maybe the 'allow all' should go right after the divert to natd so I deleted 50 and added the add all rule right after divert. Still nothing!

I'm testing by VPN'ing into work, VNC'ing into my desktop, and trying to connect back from there.

Help! What's up?

Oh, FreeBSD 4.5 release (stable, whatever it's called, I don't muck around with beta stuff)

cheers,
-Alan

--
http://www.bodensatz.com/ The Beer Site

To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: help with webcam through natd + ipfw
> What does `ipfw -a l` show?

That seems to be the same as ipfw show, which I used to determine that there do not seem to be any 'deny' rules hit. So I cannot really tell where those packets are going. I can hit my port 80 from work no problem (www.bodensatz.com), but 8080 no deal. So it seems to be going through some allow rule, but I'm not sure which.

Also, my 'allow 8080 setup' rule was after the divert but with the public IP number, so I added an equivalent one with the private address of my internal PC. i.e.

    013500 0 allow tcp from any to PC_WITH_CAM 8080 setup
    055500 0 allow tcp from any to 207.164.198.56 8080 setup

I put the private IP rule right after the divert just in case.

gah!

--
http://www.bodensatz.com/ The Beer Site
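An added example, not part of the original thread: a small checker for the rule-ordering question raised above. natd rewrites the destination of a redirected packet to the private address and the packet re-enters ipfw at the rule after the divert, so the allow rule has to name the private address and sit after the divert. Assumptions: the addresses and counters below are constructed, the `ipfw show` layout is taken to be rule number, packets, bytes, rule body, only the simple `from any to IP PORT` rule form is matched, and the function names are hypothetical.

```python
import re

# Constructed sample inputs (not from the thread); addresses are placeholders.
NATD_CONF = """\
interface tun0
dynamic yes
redirect_port tcp 192.168.1.10:8080 8080
"""
IPFW_SHOW = """\
00050   120   9000 divert 8668 ip from any to any via tun0
00100    10    600 allow ip from any to any via lo0
01350     0      0 allow tcp from any to 192.168.1.10 8080 setup
05550     7    420 allow tcp from any to 203.0.113.5 8080 setup
65535     3    180 deny ip from any to any
"""

def parse_redirects(conf):
    """Return (proto, private_ip, private_port, public_port) per redirect_port line."""
    pat = re.compile(r"\s*redirect_port\s+(\w+)\s+([\d.]+):(\d+)\s+(\d+)\s*$")
    found = (pat.match(line) for line in conf.splitlines())
    return [(m[1], m[2], int(m[3]), int(m[4])) for m in found if m]

def parse_rules(show):
    """Split each 'number packets bytes body' line into a dict."""
    pat = re.compile(r"\s*(\d+)\s+(\d+)\s+(\d+)\s+(.*)$")
    found = (pat.match(line) for line in show.splitlines())
    return [{"num": int(m[1]), "pkts": int(m[2]), "body": m[4]} for m in found if m]

def check(conf, show):
    """For each redirect, report whether a usable post-divert allow rule exists."""
    rules = parse_rules(show)
    divert = next((r["num"] for r in rules if r["body"].startswith("divert")), None)
    findings = []
    for proto, ip, port, public_port in parse_redirects(conf):
        # After translation the destination is the private address, not the public one.
        want = re.compile(rf"^allow {proto} from any to {re.escape(ip)} {port}\b")
        hits = [r for r in rules if want.match(r["body"])]
        if divert is None:
            verdict = "no divert rule"
        elif not hits:
            verdict = "no allow rule for translated address"
        elif all(r["num"] < divert for r in hits):
            verdict = "allow rule precedes divert"
        elif all(r["pkts"] == 0 for r in hits):
            # Rule is placed correctly but nothing reaches it: look upstream (natd, earlier rules).
            verdict = "allow rule never matched"
        else:
            verdict = "ok"
        findings.append((public_port, verdict))
    return findings

if __name__ == "__main__":
    print(check(NATD_CONF, IPFW_SHOW))
```

A "never matched" verdict with a correctly placed rule points away from rule order and toward translation itself or an earlier rule that ends processing.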
Re: help with webcam through natd + ipfw
> If indeed your internal machine is accepting connections on port 8080 (can be tested from the firewall box using telnet) then this

Cannot telnet to 8080 so it must be nat, but my natd.conf looks good to me. dunno what's up. nat itself is working otherwise I wouldn't be talking to you right now.

You say my natd.conf looked fine. In my kernel I have the following :

    options IPDIVERT
    options IPFIREWALL
    options IPFIREWALL_VERBOSE
    options IPFIREWALL_VERBOSE_LIMIT=10

--
http://www.bodensatz.com/ The Beer Site
Re: help with webcam through natd + ipfw
> sounds like a firewalling problem. Set your firewall type to OPEN, reboot and see if it works. If it does, then you need to examine your firewall rules better.

Nope, still no go :-( I'll wait til my buddy is back from vacation as I think he got it going on his fbsd box :-(

--
http://www.bodensatz.com/ The Beer Site