                 .oO( Internet )Oo.
                         ||
                         ||
                   [----DSL------]
                   [ adsl router ] <- No NAT
                   [-------------]
                    |           |
                    |           |
                    |           |
                    B           A
       [--------WL-------] [---BSD---]
NAT -> [ wireless router ] [ bsd box ]
       [-----------------] [---------]
                                X
          |         |           |
          |         |           |
          |         |___________|
          Y
[---------WEB--------]
[ web server + media ]
[--------------------]


IP Addresses:

A: External IP 82.*.*.A
B: External IP 82.*.*.B
X: Internal IP 192.168.1.101
Y: Internal IP 192.168.1.100


### External Connectivity ###

WEB -> WL -> (DSL) -> Internet [IP B]
BSD -> (DSL) -> Internet [IP A]


Require:
Connection to A:80 forwarded to Y:80


### Theoretical Solution ###

Packet - [sourceip:port, destip:port]

Packets IN

[any:any, A:80] fwd/nat [A:80, X:80]
[A:80, X:80] fwd/nat [X:80, Y:80]


Packets OUT

[Y:80, X:80] fwd/nat [X:80, A:80]
[X:80, A:80] fwd/nat [A:80, any:any]



### Description ###


Hiya,

As you can hopefully see, I'm trying to port forward a connection to an external IP on my BSD box to the internal IP address of a machine that sits behind a wireless router.

Please advise as to whether my "Theoretical Solution" is indeed correct for this purpose.

I've been playing around with NATD and IPFW for a while now, and just cannot get it to respond. Assuming my logic is correct, my problem seems to be translating it into the required configs/rules for natd and ipfw.

In an attempt to simplify the problem, I have set apache to run on all the IPs of the BSD box. A telnet to 82.*.*.A 80 gets an index file showing "default", whereas a telnet to 192.168.1.101 80 gets an index file showing "192.168.1.101", the obvious trick being to get a telnet to 82.*.*.A to display "192.168.1.101".

As this is failing badly too, I assume I am doing something really wrong.

As you will see, I have a /29 external subnet but we're only really interested in 82.*.*.A

rl0 -> external NIC going to ADSL Router
xl0 -> internal NIC going to Wireless Router


IP Connectivity between all "hosts" is fine

Details are as follows:


----- rc.conf -----


defaultrouter="82.*.*.*"
hostname="XXX"
ifconfig_rl0="inet 82.*.*.* netmask 255.255.255.248"
ifconfig_rl0_alias0="inet 82.*.*.A netmask 255.255.255.255"
ifconfig_rl0_alias1="inet 82.*.*.* netmask 255.255.255.255"
ifconfig_rl0_alias2="inet alias 82.*.*.* netmask 255.255.255.255"
ifconfig_xl0="inet 192.168.1.101 netmask 255.255.255.0"
ifconfig_xl0_alias0="inet 192.168.1.111 netmask 255.255.255.255"


gateway_enable="YES"
natd_enable="YES"
natd_interface="rl0"
natd_flags="-f /etc/natd.conf"
portmap_enable="YES"
firewall_enable="YES"
firewall_type="/etc/ipfw.rules/default"
firewall_quiet="NO"


----- natd.conf -----

interface rl0
same_ports yes
redirect_port tcp 192.168.1.101:80 80


----- KERNEL -----

options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFILTER
options IPFILTER_LOG
options IPDIVERT


Cheers for the help!!!
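
Added example, not part of the original post: a small Python model of the A:80 -> Y:80 forwarding asked about above, comparing a destination rewrite alone with a destination plus source rewrite. It assumes, per the connectivity list (WEB -> WL -> DSL), that the web server's default route is the wireless router; the addresses, ports and the Forwarder class are constructed for illustration.

```python
# Added illustration: models the rewrites a forwarder at A has to perform.
# All addresses are constructed placeholders (A stands in for 82.*.*.A).
import itertools

A, B = "203.0.113.10", "203.0.113.11"     # external IPs: BSD box / wireless router
X, Y = "192.168.1.101", "192.168.1.100"   # BSD internal NIC / web server
CLIENT = ("198.51.100.7", 40312)          # constructed Internet client

class Forwarder:
    """Stateful A:80 -> Y:80 forwarder; snat=True also rewrites the source to X."""
    def __init__(self, snat):
        self.snat = snat
        self.state = {}                      # (X, nat_port) -> original (ip, port)
        self.ports = itertools.count(50000)  # source ports handed out on X

    def inbound(self, src, dst):
        """Translate a packet arriving on the external interface."""
        if dst != (A, 80):
            return src, dst                  # not the forwarded service: untouched
        if not self.snat:
            return src, (Y, 80)              # destination rewrite only
        nat_src = (X, next(self.ports))
        self.state[nat_src] = src            # remember who really asked
        return nat_src, (Y, 80)

    def outbound(self, src, dst):
        """Translate Y's reply coming back through this box; None if no state."""
        if src != (Y, 80) or dst not in self.state:
            return None
        return (A, 80), self.state[dst]

def reply_seen_by_client(fwd):
    """Follow one request/reply and return the source address the client sees."""
    src, dst = fwd.inbound(CLIENT, (A, 80))
    reply_src, reply_dst = dst, src          # Y answers whoever the packet came from
    if reply_dst[0].startswith("192.168.1."):
        # Reply target is on Y's own subnet, so it goes straight back to X.
        return fwd.outbound(reply_src, reply_dst)[0]
    # Otherwise Y uses its default route (wireless router), which NATs to B.
    return (B, reply_src[1])

if __name__ == "__main__":
    print("DNAT only :", reply_seen_by_client(Forwarder(snat=False)))
    print("DNAT+SNAT :", reply_seen_by_client(Forwarder(snat=True)))
```

With the destination rewrite alone the reply reaches the client from B, so it does not match the connection the client opened to A:80; with the source also rewritten to X the reply returns through the forwarder and leaves as A:80.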