relation ship between natd and ipfw?

[JaybOt]

Hi all,

i'm trying to set to a port redirection on my network so request to a specific port goto another pc on my network (same port). i think i have the 'natd' lie right, (no errors)

natd -redirect_port 192.168.0.10:1028 1028 -alias_address xx.xx.xx.xx (tun0 ip)

but i think i'm going wrong somewhere cos i don't realy under stand the relation ship between natd and ipfw and how packets are routed.

Are packet diverted from ipfw to natd with the 'ipfw -divert natd...' then natd does its thing, then packets go back to ipfw for checking by the rules... is this correct?

I am running my firewall on OPEN until i can get it right so it shouldn't be interfering with things.

Also, do i need to set a rule / redirection to redirect traffic back from my local pc (192.168.0.10:1028) to back to the source address (xx.xx.xx.xx:1028 on tun0)


Any help appriciated!

JayBot! "Always know what you say, but don't always say what you know!"

 

[axvpaa]

hi,
you would add something like this afer your divert rule:
${ipfw} allow log tcp from any to <publicaddress> <PORT#> via ${oif}

additionaly you may want to set the from &quot;any&quot; to a specific ip address and or port range for the machine you want to connect from the internet.
publicaddress should be your &quot;real&quot; ip address.
then...
you will need to add a forward statement to your natd.conf. read natd(8) to the exact syntax but it will be something like:
redirect_port tcp 192.168.1.3:<PORT#> xx.xxx.xxx.xxx:<PRT#>

where the second ip is your real ip from the ipfw rule above.
in essence, you allow the traffic to reach the firewall with the ipfw rule and then you redirect the traffic using natd.
hth