[Question] Problem with ipfw and NAT external IP redirection

Board: FreeBSD  Author: (Goodbye NCTU, I've graduated...)  Time: 18 years ago (2008/01/31 11:17)
There are two network cards, fxp0 and fxp1; fxp0 has the external IP (assume 10.0.0.1) and fxp1 has the internal IP (assume 192.168.0.254).

The problem I'm running into is that telnet 10.0.0.1 25 from an internal IP does not get redirected in, but telnet 10.0.0.1 25 from other outside IPs is OK and works...

I've been at this for a long time and can't figure out what's wrong. I'd like to ask the experts here for help, thanks!

The relevant settings are listed below.

/etc/rc.conf

firewall_enable="YES"                         # Set to YES to enable firewall functionality
firewall_script="/usr/local/sbin/firewall.sh" # Which script to run to set up the firewall
firewall_type="OPEN"                          # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO"                           # Set to YES to suppress rule display
firewall_logging="NO"                         # Set to YES to enable events logging
firewall_flags=""                             # Flags passed to ipfw when type is a file
gateway_enable="YES"                          # Set to YES if this host will be a gateway.
natd_enable="YES"                             # Enable natd (if firewall_enable == YES).
natd_program="/sbin/natd"                     # path to natd, if you want a different one.
natd_interface="fxp0"                         # Public interface or IPaddress to use.
natd_flags="-f /etc/natd.conf"                # config file at /etc/natd.conf

/etc/natd.conf

redirect_port tcp 192.168.0.5:25 10.0.0.1:25

/usr/local/sbin/firwall.sh

# nat
${fwcmd} add 1020 divert natd ip from any to 10.0.0.1 via fxp0
${fwcmd} add 1040 divert natd ip from 192.168.0.0/16 to any
${fwcmd} add 30030 pass ip from 10.0.0.1 to any keep-state
${fwcmd} add 30030 pass ip from 192.168.0.0/16 to any keep-state
${fwcmd} allow tcp from any to me 25

--
※ Posted from: PTT (ptt.cc)
◆ From: 140.113.27.50
Article code (AID): #17eJtIaB (FreeBSD)