Hi, I need some help with the FreeBSD firewall with NAT. I have got pppoe and NAT working with both 6.1 release and 6.2 RC i386. All I want is to forward port 443 to port 8843. I added a line in the OPEN portion of the rc.firewall file:

    ${fwcmd} add fwd 127.0.0.1,8843 tcp from any to any 443 in keep-state

Now, when I type https://myserver's ip, it will forward to a proxy server listening at 8843. This is good. But, in the local network, nobody can access the yahoo and google mail.

I made another kernel with the options IPFIREWALL_DEFAULT_TO_ACCEPT. When I ipfw, there is only one rule:

    allow ip from any to any

This is good. When I added a line

    ipfw add fwd 127.0.0.1,8843 from any to any 443 in keep-state

again, it won't work with any web email applications. I added a line like this

    ${fwcmd} add pass tcp from any to any 25 setup

Still it won't work. pen at both 6.1 and 6.2 is not working. I remember it works only with 7.0-current.

I have only 3 options when I compile the kernel:

    options IPFIREWALL
    options IPFIREWALL_FORWARD
    options IPDIVERT

In order to get pppoe to work, I added

    options NETGRAPH
    options NETGRAPH_PPPOE
    options NETGRAPH_SOCKET

My rc.conf is like this:

    gateway_enable="YES"
    hostname=...
    ifconfig_ed0=...
    ppp_enable="YES"
    ppp_nat="YES"
    ppp_profile="sympatico"
    ppp_mode="ddial"
    firewall_enable="YES"
    firewall_type="OPEN"

By the way, I have made this mistake twice: comment out firewall_enable and firewall_type, and the default rule is to lock out anybody. I could not access my remote server. I wish you would not do this like me. The best way is to have an options IPFIREWALL_DEFAULT_TO_ACCEPT.

The problem is: whenever you add some rule, it will block web mails!

Received on Tue Nov 28 2006 - 08:47:54 UTC
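Added example, not part of the original message: a simplified Python model of ipfw first-match evaluation, comparing what the fwd rule as posted matches with a variant whose destination is scoped to ipfw's `me` keyword. The addresses, the sample packets and the `me` variant are assumptions made for illustration; the model covers only protocol, destination, destination port and direction.

```python
from dataclasses import dataclass

# Assumed addresses configured on the gateway (what ipfw's "me" would match).
LOCAL_ADDRS = {"203.0.113.10", "192.168.1.1"}

@dataclass
class Packet:          # constructed sample traffic, not captured data
    proto: str
    dst: str
    dport: int
    direction: str     # "in" or "out", as seen by the gateway

def parse_rule(text):
    """Parse the subset 'ACTION [TARGET] PROTO from SRC to DST [PORT] [in|out] ...'."""
    tok = text.split()
    rule = {"action": tok[0]}
    if tok[0] == "fwd":                      # fwd carries a target: IP,PORT
        rule["action"] = "fwd " + tok[1]
        tok = tok[1:]
    rule["proto"] = tok[1]
    rest = tok[tok.index("to") + 1:]         # everything after the 'to' keyword
    rule["dst"] = rest[0]
    rule["dport"] = int(rest[1]) if len(rest) > 1 and rest[1].isdigit() else None
    rule["dir"] = next((t for t in rest[1:] if t in ("in", "out")), None)
    return rule

def matches(rule, p):
    if rule["proto"] not in ("ip", "all", p.proto):
        return False
    if rule["dst"] == "me":                  # only addresses owned by the gateway
        if p.dst not in LOCAL_ADDRS:
            return False
    elif rule["dst"] != "any" and rule["dst"] != p.dst:
        return False
    if rule["dport"] is not None and rule["dport"] != p.dport:
        return False
    return rule["dir"] in (None, p.direction)

def first_match(ruleset, p):
    """Return the action of the first matching rule, as ipfw does."""
    for rule in map(parse_rule, ruleset):
        if matches(rule, p):
            return rule["action"]
    return "deny"  # default rule when IPFIREWALL_DEFAULT_TO_ACCEPT is not set

AS_POSTED = ["fwd 127.0.0.1,8843 tcp from any to any 443 in keep-state",
             "allow ip from any to any"]
SCOPED = ["fwd 127.0.0.1,8843 tcp from any to me 443 in keep-state",
          "allow ip from any to any"]
```

In this model a LAN client's HTTPS connection to an outside host arrives at the gateway as an inbound packet with destination port 443, so the rule as posted sends it to the local proxy, while the `me` variant forwards only connections addressed to the gateway itself.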