Hello,
Here is my configuration:
Code:
+--------+---+---+ 10.0.0.0/24 +------------------+
|main server -   |             |jail with prosody |
|with xmpp client+-----+-------+server            |
|                |     |       |IP : 10.0.0.1/24  |
+----------------+     |       +------------------+
                       |
                       |
                       |
                       v
          NAT and Redirection with PF
I have a domain for my IP_PUB. I use it for my Prosody virtualhost. Everything works: I can connect to my Prosody account from anywhere. But my XMPP client is on my host server, and from there I can't connect to my account:
Log file of the XMPP client (x.x.x.x is my public IP):
Code:
ERROR:xmlstream:Could not connect to x.x.x.x:5222. Socket Error #61: Connection refused
If I try telnet from anywhere:
telnet x.x.x.x 5222
Code:
Trying X
Connected to X
Escape character is '^]'.
On my host server:
telnet x.x.x.x 5222
Code:
Trying X...
telnet: connect to address X: Connection refused
telnet: Unable to connect to remote host
Here are my pf rules:
/etc/pf.conf
Code:
#INTERFACES
ext_if="sis0"
int_if = "lo1"
jailnet = $int_if:network
# Name and IP of jails
PROSODY="10.0.0.1"
# NAT
nat on $ext_if from $jailnet to any -> ($ext_if)
# Redirect any packets requesting port (xmpp) 5222 or 5269 to jailed prosody
rdr pass on $ext_if inet proto tcp to port 5222 -> $PROSODY port 5222
rdr pass on $ext_if inet proto tcp to port 5269 -> $PROSODY port 5269
# Open prosody's ports to external network
pass in on $ext_if proto { tcp } from any to $ext_if port 5222
pass in on $ext_if proto { tcp } from any to $ext_if port 5269
# ifconfig
Code:
sis0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=82008<VLAN_MTU,WOL_MAGIC,LINKSTATE>
ether 00:1c:c0xxx
inet x.x.x.x netmask 0xffffff00 broadcast x.x.x.255
inet6 fe80::xxxx%sis0 prefixlen 64 scopeid 0x1
inet6 xxxxxx prefixlen 128
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 10.0.0.1 netmask 0xffffff00
inet 10.0.0.2 netmask 0xffffff00
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
netstat -r
Code:
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default vss-gw-6k.fr.eu UGS 0 26753856 sis0
10.0.0.1 link#3 UH 0 173804 lo1
10.0.0.2 link#3 UH 0 336 lo1
x.x.x.x link#1 U 0 12365 sis0
ns37xxx.ip-x.x- link#1 UHS 0 135700 lo0
localhost link#2 UH 0 35208 lo0
How can I have port 5222 open for my host server too?
Thank you all!
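
The two telnet tests above can be scripted as a diagnostic run on the host; this is an added example, not part of the original post. It relies on the fact that a pf `rdr ... on $ext_if` rule only rewrites packets arriving on that interface, while the routing table above sends the host's own address through lo0, so connections the host opens to its public IP never reach the rule. The address 203.0.113.10 is a placeholder for the redacted x.x.x.x, and the function and constant names are hypothetical.

```python
import socket

# Verdict strings (hypothetical names, defined for this example only).
REDIRECT_OK = "redirect works from this host"
LOCAL_BYPASS = ("local connections bypass the rdr on the external interface; "
                "point the host's client at the jail address instead")
SERVICE_DOWN = "no answer on the jail address; check prosody and the jail first"


def probe(host, port, timeout=3.0):
    """Try one TCP connect; return 'open', 'refused' or 'unreachable'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:   # errno 61 on FreeBSD, as in the client log
        return "refused"
    except OSError:                  # timeout, no route, filtered, ...
        return "unreachable"


def diagnose(public_ep, jail_ep):
    """Compare the redirected public endpoint with the jail's own endpoint.

    Each endpoint is a (host, port) tuple. Returns (public, jail, verdict).
    """
    public, jail = probe(*public_ep), probe(*jail_ep)
    if jail != "open":
        verdict = SERVICE_DOWN
    elif public == "open":
        verdict = REDIRECT_OK
    else:
        verdict = LOCAL_BYPASS
    return public, jail, verdict


if __name__ == "__main__":
    # 203.0.113.10 is a placeholder for the redacted public IP (x.x.x.x);
    # 10.0.0.1 is the jail address from the pf.conf above.
    public, jail, verdict = diagnose(("203.0.113.10", 5222), ("10.0.0.1", 5222))
    print(f"public:5222 -> {public}")
    print(f"jail:5222   -> {jail}")
    print(verdict)
```

A "refused" on the public address together with "open" on 10.0.0.1 reproduces the situation in the post: the service is up, and only the host-local path misses the redirect.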