Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
From: Siju George (sgeorge.ml_at_gmail.com)
To: Darren Reed <firstname.lastname@example.org> Date: Thu, 2 Jun 2005 17:35:49 +0530
On 5/31/05, Darren Reed <email@example.com> wrote:
> [ Charset ISO-8859-1 unsupported, converting... ]
> > From
> > http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/worki01.mspx
> > I understand that it is possible with UPnP enabled NAT devices.
> > Is the NAT in PF UPnP enabled??
> > or could someone tell me how I can accomplish this with OpenBSD.
> The only free, unix-based, UPnP implementation is for Linux and iptables,
> so your solution is to wipe OpenBSD and install Linux.
> When it comes to things like UPnP, there are a lot of luddites in the *BSD
> community. Others of us, who have benefited from it and understand why it
> is useful, just don't have time.
Thankyou so much Darren for your reply :-)
So let me explain the situation.
Is there no BSD firewall capable of letting two users ( with two
differrent computers with 2 differrent IP from the RFC1918 range ) in
the LAN to connect to the Same Windows 2003 on the Internet remote
desktop servers and work on it simultaneously.
The only BSD firewall I have used is PF and the only workaround is to
use an rdr rule to do port forwarding somethinglike.
rdr pass on $ext_if inet proto tcp from $Windows_RDServer to any port
3389 -> $WRD_client1 port 3389
but then only $WRD_client1 will be able to access $Windows_RDServer through PF.
No other computer in the LAN can connect to $Windows_RDServer on the
internet simultaneously because all traffic from it will be forwarded
by the PF firewall to $WRD_client1 port 3389
so may I ask you is there no BSD firewall that is able to do this???
since you know ipfilter in and out may i ask you if it is possible to
do this with ipfilter.
OpenBSD uses ftp-proxy to let in Active FTP traffic through PF.
Is it possible to do something like that in PF? ie. write a Remote
Desktop Proxy for OpenBSD & PF that is able to do this??
if so have you got any suggestions or work arounds??
Thankyou so much once again for taking time to repply to my first mail :-)
firewall-wizards mailing list