>>А нат запускаешь с ключем -f?
>
>
>Да
Проблему перенаправлением порта 3389 решил.
в etc/natd.conf написано -
port 8668
redirect_port tcp 192.168.10.1:3389 212.119.109.58:3389
redirect_port tcp 192.168.10.5:110 212.119.109.58:110
firewall.conf -
fwcmd="/sbin/ipfw -q"
lanout="fxp0"
lanin="fxp1"
ipout="212.212.212.121"
ipin="192.168.10.254"
netmask="24"
netin="192.168.10.0"
${fwcmd} -f flush
${fwcmd} add check-state
${fwcmd} add allow ip from any to any via lo0
${fwcmd} add divert 8668 tcp from any to 212.212.212.121 3389 via fxp0
${fwcmd} add divert 8668 tcp from 192.168.10.1 3389 to any via fxp0
${fwcmd} add allow tcp from any to 192.168.10.1 3389 via any
${fwcmd} add divert 8668 tcp from any to 212.212.212.121 110 via fxp0
${fwcmd} add divert 8668 tcp from 192.168.10.5 110 to any via fxp0
${fwcmd} add allow tcp from any to 192.168.10.5 110 via any
${fwcmd} add divert natd ip from ${netin}/${netmask} to any out via ${lanout}
${fwcmd} add divert natd ip from any to ${ipout} in via ${lanout}
${fwcmd} add allow tcp from any to any established
${fwcmd} add allow ip from ${ipout} to any out xmit ${lanout}
${fwcmd} add allow udp from any 53 to any via ${lanout}
${fwcmd} add allow tcp from any to ${ipout} 49152-65535 via ${lanout}
${fwcmd} add allow icmp from any to any icmptypes 0,8,11
${fwcmd} add allow tcp from any to ${ipout} 25 via ${lanout}
${fwcmd} add allow tcp from any to ${ipout} 110 via ${lanout}
${fwcmd} add allow tcp from any to any via ${lanin}
${fwcmd} add allow udp from any to any via ${lanin}
${fwcmd} add allow icmp from any to any via ${lanin}
${fwcmd} add deny log tcp from any to any
В таком виде редирект порта 3389 работает, а вот почта так и не перенаправляется на 192.168.10.5
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
(ok) on 20-Мрт-07, 16:40 
