Hi,
Running WhiteRussian RC6.
I have recently changed my setup and can't get port forwarding to work the way it used to.
My main XP box used to be plugged directly into the openwrt router and port forwarding worked fine.
Now I have introduced a FreeBSD NAS server in the way. It has 2 NICs. The 100Mbit/s is plugged into the OpenWRT
router and the gigabit goes to the XP box. It's all just to get gigabit access to my NAS without a gigabit switch:

ADSL modem
  |
  | (fast ethernet)
  |
OpenWRT router
  | 192.168.1.1
  |
  | (fast ethernet)
  |
  | 192.168.1.2
FreeBSD NAS server
  | 192.168.0.1
  |
  | (gigabit)
  |
  | 192.168.0.2
XP box

Adding a static route on OpenWRT to 192.168.0/24 via 192.168.1.2 gets traffic passing through the FreeBSD server
and back to the XP box.
However, port fowarding doesn't work the way it used to.
When the XP box was directly connected to the router and had IP 192.168.1.127, I used the following
in /etc/config/firewall:

forward:dport=59287:192.168.1.127

Now I thought the following would work, but it doesn't:

forward:dport=59287:192.168.0.2

I guess this is something to do with the XP box not being directly connected to the router,
but I'm not really up on linux.
Anyone know why this forwarding doesn't work?
Many thanks from a FreeBSD admin.

You are having two NAT stages, so you should forward from OpenWrt to 192.168.1.2, and from freebsd to the final destination.

However, as I see it, you only need one NAT. Just make the FreeBSD box bridge it's two interfaces together, and it will be as if you had a three-port switch with OpenWrt box, FreeBSD box and XP box all connected to it.

Sorry I wasn't clear.
The FreeBSD box is not performing NAT, it is simply acting as a router.
Those 192.168.0/24 IPs are hardwired.

(Last edited by gildenman on 12 Jul 2007, 11:06)

I would still make it bridging..

But how are you dealing with routing? Static gateways defined at boxes?

Have you tried whether the OpenWrt box can ping XP box? What about connecting to ports on XP from OpenWrt? You can also try to tcpdump on FreeBSD to find out how far your packets get.

Edit: oops, didn't read well enough, you mentioned the static routes

(Last edited by jpa on 12 Jul 2007, 11:14)

Yeah there's the static route, I mentioned above, on OpenWRT and, of course, the FreeBSD box is the
default gateway for the XP box.

Traffic is fine to/from XP box. Just ports that were previously forwarded fine now are not
and the obvious config change didn't fix it.
Thought this might be some limitation I didn't understand. I just wanted to make sure that
the port forwarding I've configured should work.
If so, then, as you say, I guess I'll have to iron this out with tcpdump on FreeBSD.

Yeah, I think it should work, though it is a bit complex design (requiring specifying multiple routes on the XP box, if I understand correctly). Tcpdump time it is.

XP just needs a default route. It only has one way to reach anything else, via the FreeBSD box, afterall.
Yes. Tcpdump is one's friend
Thanks for your thoughts.