It would be helpful to show the firewall rule permitting this traffic as well.

On 5/28/06, Paul W <[EMAIL PROTECTED]> wrote:
I seem to be having difficulty adding a port forward :(
from WAN ->lan(192.168.1.3) port 80

I've included
1. lynx screen shot of nat rule
2. syslog output showing the block
3. routing table for macmini (server)

The macmini can get to the outside world.
Is there any other debugging I can look at?

What's wrong with my rule?

syslog says block on ng0 .. that's odd .. what is ng0?
   LAN       [vr0 (00:40:63:d3:10:03)_]
   WAN       [ste0 (00:0d:88:68:7a:f0)]
   OPT1      [ste1 (00:0d:88:68:7a:f1)] delete interface
   OPT2      [ste2 (00:0d:88:68:7a:f2)] delete interface
   OPT3      [ste3 (00:0d:88:68:7a:f3)] delete interface

WAN is a pppoe connection with a static IP

Any help appreciated :)

Paul.

Firewall: NAT: Port Forward: Edit
   Interface [WAN_]
   Choose which interface this rule applies to.
   Hint: in most cases, you'll want to use WAN here.
   External address [Interface address_________]
   If you want this rule to apply to another IP address than the IP
   address of the interface chosen above, select it here (you need to
   define Virtual IP addresses on the first). Also note that if you are
   trying to redirect connections on the LAN select the "any" option.
   Protocol [TCP____]
   Choose which IP protocol this rule should match.
   Hint: in most cases, you should specify TCP  here.
   External port range
   from:   [HTTP______] _____
   to:     [(other)___] _____
   Specify the port or port range on the firewall's external address for
   this mapping.
   Hint: you can leave the 'to' field empty if you only want to map a
   single port
   NAT IP 192.168.1.3_________
   Enter the internal IP address of the server on which you want to map
   the ports.
   e.g. 192.168.1.12
   Local port [HTTP______] _____
   Specify the port on the machine with the IP address entered above. In
   case of a port range, specify the beginning port of the range (the end
   port will be calculated automatically).
   Hint: this is usually identical to the 'from' port above
   Description http to macmini__________________________
   You may enter a description here for your reference (not parsed).
     Save [BUTTON]

May 29 11:48:23 192.168.1.253 pf: 154345 rule 57/0(match): block in on
ng0: (tos 0x0, ttl  53, id 19565, offset 0, flags [DF], proto: TCP (6),
length: 60) 210.55.139.210.39425 > 192.168.1.3.80: S
880308415:880308415(0) win 5840 <mss 1360,sackOK,timestamp[|tcp]>


Routing tables
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.253      UGSc       56   106899    en0
127                localhost          UCS         0        0    lo0
localhost          localhost          UH         12   101541    lo0
169.254            link#4             UCS         0        0    en0
192.168.1          link#4             UCS         3        0    en0
asmith.loudas.com  0:d:9d:4a:42:d1    UHLW        2      381    en0   1068
macmini.loudas.com localhost          UHS         1       48    lo0
192.168.1.253      0:40:63:d3:10:3    UHLW       53      226    en0    960
192.168.1.255      link#4             UHLWb       1       40    en0


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


