Not sure how you are ending up with 'any' in your ruleset as mine
targets the WANIP:
# Reflection redirects
rdr on $lan proto tcp from any to XXX.XXX.89.4 port { 22 } -> 127.0.0.1 port 19000
On 6/1/06, Yuri Lukin <[EMAIL PROTECTED]> wrote:
Hi everyone,
I just installed 1.0-BETA4 on a Soekris Net4801 and for the most part
everything is working great with the exception of NAT Reflection. I have
a single WAN IP on sis1 and sis0 is my LAN interface. I have a server
on the LAN to which I am forwarding ports 22,25,80 among others. Since
I could not access my server from the inside by the WAN IP, I enabled
NAT Reflection by unchecking "Disable NAT Reflection" in System>Advanced.
This created the following in /tmp/rules.debug:
> # Reflection redirects
> rdr on $lan proto tcp from any to any port { 80 } -> 127.0.0.1 port 19000
>
> # Reflection redirects
> rdr on $lan proto tcp from any to any port { 25 } -> 127.0.0.1 port 19001
>
...and a few others for the various ports that I am forwarding to the server.
However, now any traffic destined for the outside on those ports gets
redirected back to my server. I can test this by going to any website
or trying to telnet to a mail server on the internet. I think this is
because of the "from any to any" in the redirect rules. Is there a way to
change it to "from any to WANIP"? I could not find a way to do so in
the web configurator. Should I edit the rules manually in the shell?
If so, what do I need to reload after doing so?
Is this something by design or did I misconfigure my firewall? I can post a
complete rules.debug if necessary.
Thanks,
-Yuri
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
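
Added example (not part of the original thread and not pfSense code): a small Python check that parses rdr lines in the form quoted above and reports reflection redirects whose destination is `any`, as opposed to ones scoped to a single address like the rule in the reply. The sample rules text, the address 203.0.113.4 and the function names are constructed for illustration.

```python
import re

# Matches the single-line rdr form quoted from /tmp/rules.debug in this thread:
#   rdr on <if> proto <p> from <src> to <dst> port { <ports> } -> <target> port <n>
RDR_RE = re.compile(
    r"^rdr\s+on\s+(?P<iface>\S+)\s+proto\s+(?P<proto>\S+)\s+"
    r"from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)\s+"
    r"port\s+\{\s*(?P<ports>[^}]*)\}\s*->\s*"
    r"(?P<target>\S+)\s+port\s+(?P<tport>\d+)\s*$"
)


def parse_rdr(line):
    """Return a dict for an rdr line in the form above, or None otherwise."""
    m = RDR_RE.match(line.strip())
    if not m:
        return None
    rule = m.groupdict()
    # "{ 22, 25 80 }" style lists become ["22", "25", "80"]
    rule["ports"] = [p for p in re.split(r"[,\s]+", rule["ports"].strip()) if p]
    return rule


def overbroad_reflection(rules_text, loopback="127.0.0.1"):
    """List rdr rules that redirect traffic for *any* destination to loopback."""
    findings = []
    for lineno, line in enumerate(rules_text.splitlines(), 1):
        rule = parse_rdr(line)
        if rule and rule["target"] == loopback and rule["dst"] == "any":
            findings.append((lineno, rule["iface"], rule["ports"], rule["tport"]))
    return findings


# Constructed sample: two rules as quoted in the thread, plus one scoped to a
# WAN address (203.0.113.4 is a documentation placeholder, not from the thread).
SAMPLE = """\
# Reflection redirects
rdr on $lan proto tcp from any to any port { 80 } -> 127.0.0.1 port 19000

# Reflection redirects
rdr on $lan proto tcp from any to any port { 25 } -> 127.0.0.1 port 19001

# Reflection redirects
rdr on $lan proto tcp from any to 203.0.113.4 port { 22 } -> 127.0.0.1 port 19002
"""

if __name__ == "__main__":
    for lineno, iface, ports, tport in overbroad_reflection(SAMPLE):
        print(f"line {lineno}: {iface} port(s) {ports} -> loopback:{tport} "
              "matches every destination, not just the WAN address")
```

To check a live ruleset, pass the contents of /tmp/rules.debug to overbroad_reflection() instead of SAMPLE.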