PF+RDR+NAT HELP !!!!!!!!!!

Víctor Pasten V. victor at aciertonet.com
Tue Apr 22 17:05:24 CLT 2003


but instead of:

pass in  on rl0 proto tcp from any to rl0 port 25 keep state 

put:

pass in on rl0 proto tcp from any to ip_externa port 25 keep state


does that work or not???
  ----- Original Message ----- 
  From: Luis Mery 
  To: bsd at inf.utfsm.cl 
  Sent: Tuesday, April 22, 2003 4:51 PM
  Subject: PF+RDR+NAT HELP !!!!!!!!!!


  scrub in all 

  nat on rl0 from 192.16.1.0/24 to any -> 1.1.1.13 

  rdr on rl0 proto tcp from any to 1.1.1.2 port 25 -> 192.16.1.2 port 25 
  rdr on rl0 proto tcp from any to 1.1.1.2 port 110 -> 192.16.1.2 port 110 
  rdr on rl0 proto tcp from any to 1.1.1.2 port 80 -> 192.16.1.2 port 80 

  rdr on rl0 proto tcp from any to 1.1.1.13 port 25 -> 192.16.1.6 port 25 
  rdr on rl0 proto tcp from any to 1.1.1.13 port 110 -> 192.16.1.6 port 110 

  block in log all 
  pass out on rl0 proto { tcp, udp } all keep state 
  pass in  on rl0 proto { tcp, udp } from any to rl0 port 53 keep state 
  pass in  on rl0 proto tcp from any to any port 25 keep state 
  pass in  on rl0 proto tcp from any to any port 110 keep state 
  pass in  on rl0 proto tcp from any to any port 80 keep state 

  pass in  on lo0 all keep state 
  pass out on lo0 all keep state 

  pass in  on xl0 all keep state 
  pass out on xl0 all keep state 



  ---------------------- 
  OK, this is the configuration I have, now .. The problem is that in .. 

  pass in  on rl0 proto tcp from any to any port 25 keep state 

  I can't put it as . 

  pass in  on rl0 proto tcp from any to rl0 port 25 keep state 

  And when I run a tcpdump, this appears .. 

  12:49:58.738596 rule 1/0(match): block in on rl0: 1.1.1.2.1025 > 192.16.1.2.smtp: S 387595638:387595638(0) win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 29155 0> (DF) [tos 0x10]

  Any suggestions ??? Something that is misconfigured ??? 



  OS: OpenBSD 3.2 
  Firewall: pf 
