ipnat & rdr

Mike Starke mgcon@neta.com
Thu, 8 Mar 2001 20:02:08 -0700 (MST)


I am trying to redirect traffic on an openBSD box to an internal
web server (another openBSD) with no luck. Here is what I have

webserver--------tx0-openBSD-de0-----------Internet

Where tx0 = 192.168.2.232
And de0=Internet IP
And ip of web server is 192.168.2.233

I can access the web server from inside the lan, no problem.
I can ssh to both sides of the openBSD box, no problem.
What I can't do is, from the Internet, access the web server on the
inside.

Here are my settings:
I know this is wide open, but just to get it to work:
--------------------------------------------------------
ipf.rules
pass in from any to any
pass out from any to any

ipnat.rules
rdr de0 INETIP/32 port 80 -> 192.168.2.233/32 port 80
---------------------------------------------------------

I have run:
'ipnat -CF -f /etc/ipnat.rules'
each time I have monkeyed with ipnat.rules

and when I try to 'telnet INETIP 80' it just hangs.

If I were to 'ipnat -l' while trying to telnet to port 80
it will display something like:
RDR 192.168.2.233 80 <- -> (IP on openBSD) 80 [ip I am coming from 10150]

When I 'telnet 192.168.2.233 80' from inside the lan, no problem.
I know I am missing something simple here. I have read howto's
and man'd and now I am not having any more fun.

Any help anyone?

Mike
mgcon@getnet.com
http://www.getnet.com/~mgcon
Phoenix, AZ
USA