PF+RDR+NAT HELP !!!!!!!!!!

Luis Mery lmery at portoprint.com
Tue Apr 22 17:25:02 CLT 2003


nope ..
 
=(

-----Original Message-----
From: Víctor Pasten V. [mailto:victor at aciertonet.com]
Sent: Tuesday, April 22, 2003 17:05
To: bsd at inf.utfsm.cl
Subject: Re: PF+RDR+NAT HELP !!!!!!!!!!


but instead of:
 
pass in  on rl0 proto tcp from any to rl0 port 25 keep state 
 
put:
 
pass in on rl0 proto tcp from any to ip_externa port 25 keep state
 
 
does that work or not???

----- Original Message ----- 
From: Luis Mery <mailto:lmery at portoprint.com>
To: bsd at inf.utfsm.cl
Sent: Tuesday, April 22, 2003 4:51 PM
Subject: PF+RDR+NAT HELP !!!!!!!!!!


scrub in all 

nat on rl0 from 192.16.1.0/24 to any -> 1.1.1.13 

rdr on rl0 proto tcp from any to 1.1.1.2 port 25 -> 192.16.1.2 port 25 
rdr on rl0 proto tcp from any to 1.1.1.2 port 110 -> 192.16.1.2 port 110 
rdr on rl0 proto tcp from any to 1.1.1.2 port 80 -> 192.16.1.2 port 80 

rdr on rl0 proto tcp from any to 1.1.1.13 port 25 -> 192.16.1.6 port 25 
rdr on rl0 proto tcp from any to 1.1.1.13 port 110 -> 192.16.1.6 port 110 

block in log all 
pass out on rl0 proto { tcp, udp } all keep state 
pass in  on rl0 proto { tcp, udp } from any to rl0 port 53 keep state 
pass in  on rl0 proto tcp from any to any port 25 keep state 
pass in  on rl0 proto tcp from any to any port 110 keep state 
pass in  on rl0 proto tcp from any to any port 80 keep state 

pass in  on lo0 all keep state 
pass out on lo0 all keep state 

pass in  on xl0 all keep state 
pass out on xl0 all keep state 


---------------------- 
OK, this is the configuration I have, now .. The problem is that in ....

pass in  on rl0 proto tcp from any to any port 25 keep state 

I can't put it as ...

pass in  on rl0 proto tcp from any to rl0 port 25 keep state 

And when I run tcpdump, this appears ..

12:49:58.738596 rule 1/0(match): block in on rl0: 1.1.1.2.1025 > 192.16.1.2.smtp: S 387595638:387595638(0) win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 29155 0> (DF) [tos 0x10]

Any suggestions??? Is something misconfigured???


OS: OpenBSD 3.2
Firewall: pf 
