[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Tonni Aagesen <agent29 at stofanet dot dk>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] simple NAT troubles
 Date:  Sat, 3 Jan 2004 16:44:26 +0100 
On 03.01.2004, at 16:29, Tonni Aagesen wrote:

>         <source>
>             <any/>
>             <port>2222</port>
>         </source>

This is where your problem is. Assuming that you are running some kind 
of TCP service on port 2222 of your server and want to make that 
available to the Internet, you should just use "any" as the source in 
your filter rule, without any port numbers. The reason behind this is 
that you cannot control which port the client will use on its side.

Consider using the "Auto-add" option when creating a new NAT rule, as 
that will take care of setting up a matching filter rule automatically.

>         <destination>
>             <any/>
>             <port>2222</port>
>          </destination>

You shouldn't have "any" here, but the IP address of your server 
instead.

I suggest you remove those NAT and filter rules and start again by 
creating a new NAT rule with the same settings as before and checking 
the "auto-add" option. That should do the trick.

HTH,

Manuel