I have two network cards, fxp0 and fxp1. fxp0 has the external IP (assume 10.0.0.1) and fxp1 has the internal IP (assume 192.168.0.254).

The problem I'm running into is that telnet 10.0.0.1 25 from an internal IP does not get redirected in, but telnet 10.0.0.1 25 from other outside IPs is OK and works...

I've been at this for a long time and can't figure out what is wrong. Could the experts here please help? Thanks!

Here are the relevant settings.

/etc/rc.conf

    firewall_enable="YES"           # Set to YES to enable firewall functionality
    firewall_script="/usr/local/sbin/firewall.sh" # Which script to run to set up the firewall
    firewall_type="OPEN"            # Firewall type (see /etc/rc.firewall)
    firewall_quiet="NO"             # Set to YES to suppress rule display
    firewall_logging="NO"           # Set to YES to enable events logging
    firewall_flags=""               # Flags passed to ipfw when type is a file
    gateway_enable="YES"            # Set to YES if this host will be a gateway.
    natd_enable="YES"               # Enable natd (if firewall_enable == YES).
    natd_program="/sbin/natd"       # path to natd, if you want a different one.
    natd_interface="fxp0"           # Public interface or IPaddress to use.
    natd_flags="-f /etc/natd.conf"  # config file at /etc/natd.conf

/etc/natd.conf

    redirect_port tcp 192.168.0.5:25 10.0.0.1:25

/usr/local/sbin/firwall.sh

    # nat
    ${fwcmd} add 1020 divert natd ip from any to 10.0.0.1 via fxp0
    ${fwcmd} add 1040 divert natd ip from 192.168.0.0/16 to any
    ${fwcmd} add 30030 pass ip from 10.0.0.1 to any keep-state
    ${fwcmd} add 30030 pass ip from 192.168.0.0/16 to any keep-state
    ${fwcmd} allow tcp from any to me 25

--
※ Posted from: 批踢踢實業坊 (ptt.cc)
◆ From: 140.113.27.50