Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?

From: Siju George (
Date: 06/02/05

  • Next message: ArkanoiD: "[fw-wiz] preventing XSS and SQL injection?"
    To: Darren Reed <>
    Date: Thu, 2 Jun 2005 17:35:49 +0530

    On 5/31/05, Darren Reed <> wrote:
    > [ Charset ISO-8859-1 unsupported, converting... ]
    > > From
    > >
    > >
    > >
    > > I understand that it is possible with UPnP enabled NAT devices.
    > >
    > > Is the NAT in PF UPnP enabled??
    > >
    > > or could someone tell me how I can accomplish this with OpenBSD.
    > The only free, unix-based, UPnP implementation is for Linux and iptables,
    > so your solution is to wipe OpenBSD and install Linux.
    > When it comes to things like UPnP, there are a lot of luddites in the *BSD
    > community. Others of us, who have benefited from it and understand why it
    > is useful, just don't have time.
    > Darren

    Thankyou so much Darren for your reply :-)

    So let me explain the situation.

    Is there no BSD firewall capable of letting two users ( with two
    differrent computers with 2 differrent IP from the RFC1918 range ) in
    the LAN to connect to the Same Windows 2003 on the Internet remote
    desktop servers and work on it simultaneously.

    The only BSD firewall I have used is PF and the only workaround is to
    use an rdr rule to do port forwarding somethinglike.

    rdr pass on $ext_if inet proto tcp from $Windows_RDServer to any port
    3389 -> $WRD_client1 port 3389

    but then only $WRD_client1 will be able to access $Windows_RDServer through PF.

    No other computer in the LAN can connect to $Windows_RDServer on the
    internet simultaneously because all traffic from it will be forwarded
    by the PF firewall to $WRD_client1 port 3389

    so may I ask you is there no BSD firewall that is able to do this???

    since you know ipfilter in and out may i ask you if it is possible to
    do this with ipfilter.

    OpenBSD uses ftp-proxy to let in Active FTP traffic through PF.

    Is it possible to do something like that in PF? ie. write a Remote
    Desktop Proxy for OpenBSD & PF that is able to do this??

    if so have you got any suggestions or work arounds??

    Thankyou so much once again for taking time to repply to my first mail :-)

    kind regards

    firewall-wizards mailing list

  • Next message: ArkanoiD: "[fw-wiz] preventing XSS and SQL injection?"