[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipnat/ipf and redirect still not working
> I have one suggestion below, also. Are you sure you are specifing the correct netmask ? is /32 right for your setup?
Yes. The situation is a machine with 2 NIC cards. The external has 2
addresses on it. One is for the usual services of the machine. The other
is for this redirect ONLY. If needed, I can redirect the entire port range
on that IP to the internal machine. I just need at least the mail and http
ports free. Take a closer look at the ifconfig data for the xl1 interface
and it might be more clear:
media: Ethernet 10baseT (10baseT half-duplex)
inet 184.108.40.206 netmask 0xffffffe0 broadcast 220.127.116.11
inet 18.104.22.168 netmask 0xffffffff broadcast 22.214.171.124
> -> Nope. here is what I have:
> -> rdr xl1 126.96.36.199/32 port 110 -> 188.8.131.52 port 110 tcp
> -> rdr xl1 184.108.40.206/32 port 143 -> 220.127.116.11 port 143 tcp/udp
> -> rdr xl1 18.104.22.168/32 port 25 -> 22.214.171.124 port 25 tcp/udp
> -> rdr xl1 126.96.36.199/32 port 80 -> 188.8.131.52 port 80
> -> map xl1 184.108.40.206/32 -> 220.127.116.11/32 portmap tcp/udp 15001:19000
> -> map xl1 18.104.22.168/32 -> 22.214.171.124/32
> Try removing the last map out of here, as it will void the previous.
I did remove the last map. The following DOES show up in an ipnat -l when
I attempt to reach port 80 on the address in question:
RDR 126.96.36.199 80 <- -> 188.8.131.52 80 [184.108.40.206
It still just hangs. I cannot tell whether anything is happening or not.
Sniffit does not register anything on the external interface when I
attempt to reach it. I don't know if that is because it is an alias or
not. Is there a better ethernet sniffer I could use that would help? I am
getting down to the wire on deadline, and I DON'T want to convert this
machine to linux (blech).
Online Technical Producer
Madison Newspapers, Inc. - http://www.madison.com