>Помогите новичку сделать проброску порта.
>имеем раутер на FreeBSD, который достался по наследству.
>интерфейс rl0 смотрит в локалку 192.168.20.0 (фирма1), rl1 смотрит в инет и
> rl2 - 192.168.10.0 (фирма 2).
>Есть такой конфиг:
>my_tcp_services = "25 50 53 110 500 1723 3128 48000"
>my_udp_services = "53"
>tcp_inet_services = "25 53 110 48000"
>udp_inet_services = "53"
>bad_tcp_services = "135,137,138,139,445"
>bad_udp_services = "135,137,138,139,445"
>
>scrub in all
>
>nat on rl1 from rl2:network to any -> rl1
>
>pass in quick on lo0
>pass out quick on lo0
>block in quick from no-route to any
>antispoof quick for lo0
>
>pass in quick proto tcp from any to self port = 22
>flags S/SA keep state
>block in quick proto tcp from any to any port {$bad_tcp_services}
>block in quick proto udp from any to any port {$bad_udp_services}
>block log all
>
>pass in on rl2 from rl2:network to ! self keep state
>pass in on rl0 from rl0:network to ! self keep state
>pass in on rl2 proto tcp from rl2:network to self port {$my_tcp_services}
>flags S/SA keep state
>pass in on rl2 proto udp from rl2:network to self port {$my_udp_services}
>keep state
>pass in on rl0 proto tcp from rl0:network to self port {$my_tcp_services}
>flags S/SA keep state
>pass in on rl0 proto udp from rl0:network to self port {$my_udp_services}
>keep state
>pass in proto icmp from any to self keep state
>pass in on rl1 proto tcp from any to self port {$tcp_inet_services}
>flags S/SA keep state
>pass in on rl1 proto udp from any to self port {$udp_inet_services}
>keep state
>pass out on rl2 from self to any keep state
>pass out on rl0 from self to any keep state
>pass out on rl1 from {self rl2:network} to any keep state
>
>Подскажите какие изменения нужно внести, чтобы сделсть из инета редирект порта 3389
>(MS RDP) на тачку в локалке с ip 192.168.10.34
>
Нужно использовать редирект, выглядит это примернт так:
rdr on rl1 inet proto tcp port 3389 -> 192.168.10.34