I would use OpenBSD's transparent bridging feature with (optionally) pf
filtering.
Mario.
Hi,
I have a situation where an internal (located in a LAN and behind a OpenBSD
firewall/NAT) has to be fully exposed to the Internet! What's the best way
to
acieve that?
Thanks
George
If I understand you correctly, what you are asking for requires an
external IP for each of the internal servers. After that it is just a
matter of forwarding all ports from an external ip to an internal one,
applying firewall rules either on the gateway/router box or on the
internal server.
On May 15, 2005, at 5:10 PM, Jason Dixon wrote:
On May 15, 2005, at 4:11 PM, GV wrote:
not really. Actually I would like to avoid that. I rather wanted to
have one
external IP address and different ports on this address should
redirect to
different internal machines!
Ok, let's nip this in the
YES! That was the problem! Thanks a lot!
George
On Sunday 15 May 2005 01:02, Arnaud Bergeron wrote:
On 5/14/05, GV [EMAIL PROTECTED] wrote:
no, I don't need any port of that machine to be exposed to the Internet.
Only a certain range.
I tried the following:
--
nat on $ext_if
Hi,
I have a situation where an internal (located in a LAN and behind a OpenBSD
firewall/NAT) has to be fully exposed to the Internet! What's the best way to
acieve that?
Thanks
George
Do you need every port on the mail server to be exposed to the internet?
that's how I originally interpreted your question. If you only need mail
server ports, then use the rdr statement, which you can again read about in
the pf.conf man page. Otherwise, you will need to alias another ip to your
no, I don't need any port of that machine to be exposed to the Internet. Only
a certain range.
I tried the following:
--
nat on $ext_if from $int_if:network to any - $ext_if
rdr on $int_if proto tcp from any to any port 21 - 127.0.0.1 port 8021
rdr pass on $ext_if proto tcp from any to any
On 5/14/05, GV [EMAIL PROTECTED] wrote:
no, I don't need any port of that machine to be exposed to the Internet. Only
a certain range.
I tried the following:
--
nat on $ext_if from $int_if:network to any - $ext_if
rdr on $int_if proto tcp from any to any port 21 - 127.0.0.1 port 8021
On May 14, 2005, at 5:25 PM, GV wrote:
Hi,
I have a situation where an internal (located in a LAN and behind a
OpenBSD
firewall/NAT) has to be fully exposed to the Internet! What's the best
way to
acieve that?
Sorry, your question makes no sense. What are you trying to achieve?
Are you asking
9 matches
Mail list logo