08-20-2003, 12:29 PM   #1
zemo
Port redirection on FreeBSD


Hi! I'm new to unix/linux and I have a question about port redirection.
I have a FreeBSD firewall/router which is already configured. It's a network of about 10 clients, and the client on 192.168.2.6 needs access (software) to UDP ports 27950, 27952, 27960 and 27965.

Here are the configured scripts:

(public_ip) = IP from my ISP (hidden for security)
(public_ip2) = Second IP

rc.conf (located in /etc/)
------------------------------
# -- sysinstall generated deltas -- # Tue Oct 29 11:38:29 2002
# Created: Tue Oct 29 11:38:29 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
defaultrouter="(public_ip)"
gateway_enable="YES"
hostname="(not_shown)"
ifconfig_rl0="inet (public_ip) netmask 255.255.255.0"
ifconfig_rl0_alias0="inet (public_ip) netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.2.1 netmask 255.255.255.0"
inetd_enable="NO"
kern_securelevel_enable="NO"
keymap="si.iso"
nfs_reserved_port_only="YES"
sendmail_enable="YES"
sshd_enable="YES"


natd.sh (located in /usr/local/etc/rc.d/)
------------------------------
#!/bin/sh

killall -9 natd

/sbin/natd -m -dynamic -n rl0 -redirect_address 192.168.2.14 (public_ip2)

/sbin/natd -m -p 6889 -dynamic -n rl1 -redirect_address 192.168.2.14 (public_ip2)


ipfw.sh (located in /usr/local/etc/rc.d/)
------------------------------
#!/bin/sh

#delete all rules
/sbin/ipfw -f flush

#allow traffic on the local machine
/sbin/ipfw add accept ip from 127.0.0.1 to 127.0.0.1
/sbin/ipfw add accept ip from (public_ip) to (public_ip)
/sbin/ipfw add accept ip from (public_ip2) to (public_ip2)
/sbin/ipfw add accept ip from 192.168.2.1 to 192.168.2.1

#allow traffic
/sbin/ipfw add accept ip from 192.168.2.0/24 to 192.168.2.0/24

#redirect everything that comes in via rl1 to natd
/sbin/ipfw add divert 6889 ip from any to any via rl1

#redirect everything that comes in via rl0 to natd
/sbin/ipfw add divert natd ip from any to any via rl0

/sbin/ipfw add accept tcp from any to (public_ip) established
/sbin/ipfw add accept tcp from (some_address) to (public_ip) 22

#reject everything that arrives at the firewall
/sbin/ipfw add unreach filter-prohib tcp from any to (public_ip)

#for DNS, which communicates over the UDP protocol
/sbin/ipfw add accept udp from any to any 53
/sbin/ipfw add accept udp from any 53 to any
/sbin/ipfw add accept udp from (public_ip) to any

#reject UDP to the firewall
/sbin/ipfw add unreach filter-prohib udp from any to any

#reject all traffic arriving at the IPs
/sbin/ipfw add unreach filter-prohib ip from any to (public_ip2)


Thanks!
 
10-15-2003, 07:56 AM   #2
Reme
-redirect_port proto targetIP:targetPORT[-targetPORT]
[aliasIP:]aliasPORT[-aliasPORT]
[remoteIP[:remotePORT[-remotePORT]]]


For example, an IRC server runs on Client A, and a web server runs on Client B. For this to work properly, connections received on ports 6667 (IRC) and 80 (web) must be redirected to the respective machines.

The argument should be:
-redirect_port tcp 192.168.0.2:6667 6667
-redirect_port tcp 192.168.0.3:80 80
This will redirect the proper tcp ports to the LAN client machines.


The -redirect_port argument can be used to indicate port ranges over individual ports. For example, tcp 192.168.0.2:2000-3000 2000-3000 would redirect all connections received on ports 2000 to 3000 to ports 2000 to 3000 on Client A.

These options can be used when directly running natd(8) or placed within the natd_flags="" option in /etc/rc.conf.

As quoted from the BSD handbook: http://www.freebsd.org/doc/en_US.ISO...ook/index.html
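Added example, not part of either post: a small sh helper that applies the -redirect_port syntax above to the UDP ports and client from the first post, and also emits the matching ipfw rule, since that ruleset rejects all remaining UDP with `unreach filter-prohib udp from any to any`. The function names are hypothetical, and it assumes the flags are appended to the rl0 natd invocation in natd.sh.

```shell
#!/bin/sh
# Added example: only builds command text; it never runs natd or ipfw.

# Return 0 if $1 is a decimal port number in 1..65535.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# check_args PROTO TARGET_IP PORT... : proto must be tcp or udp, ports valid.
check_args() {
    [ "$#" -ge 3 ] || { echo "usage: PROTO TARGET_IP PORT..." >&2; return 1; }
    case "$1" in tcp|udp) ;; *) echo "bad proto: $1" >&2; return 1 ;; esac
    shift 2
    for port in "$@"; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
}

# Print one -redirect_port flag per port (same port outside and inside).
natd_redirect_flags() {
    check_args "$@" || return 1
    proto=$1 target=$2; shift 2
    flags=
    for port in "$@"; do
        flags="${flags:+$flags }-redirect_port $proto $target:$port $port"
    done
    printf '%s\n' "$flags"
}

# Print one ipfw rule that accepts only the redirected ports to the target.
ipfw_accept_rule() {
    check_args "$@" || return 1
    proto=$1 target=$2; shift 2
    list=
    for port in "$@"; do list="${list:+$list,}$port"; done
    printf '/sbin/ipfw add accept %s from any to %s %s\n' "$proto" "$target" "$list"
}

# The thread's case: client 192.168.2.6, UDP 27950, 27952, 27960, 27965.
PORTS="27950 27952 27960 27965"
# Flags to append to the rl0 natd line in natd.sh:
natd_redirect_flags udp 192.168.2.6 $PORTS
# Rule to place in ipfw.sh before "unreach filter-prohib udp from any to any":
ipfw_accept_rule udp 192.168.2.6 $PORTS
```

Listing the four ports explicitly, rather than forwarding the range 27950-27965, keeps the other twelve ports in that range closed to the outside.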
 
  

