From owner-freebsd-net@freebsd.org  Tue Jan 23 18:11:40 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0808EEBDC55
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Tue, 23 Jan 2018 18:11:40 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 8B60D637D7;
 Tue, 23 Jan 2018 18:11:38 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be
 forged))
 by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id w0NIBTvX005281
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Tue, 23 Jan 2018 19:11:30 +0100 (CET)
 (envelope-from eugen@grosbein.net)
X-Envelope-From: eugen@grosbein.net
X-Envelope-To: asomers@freebsd.org
Received: from [10.58.0.4] ([10.58.0.4])
 by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id w0NIBPVq067391
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT);
 Wed, 24 Jan 2018 01:11:25 +0700 (+07)
 (envelope-from eugen@grosbein.net)
Subject: Re: pf: redirect a packet's port but not its address?
To: Alan Somers <asomers@freebsd.org>
References: <CAOtMX2j80odQ7+t3eiFfyV-B5AU0deeNFU1HLwAf05fL8nJZhA@mail.gmail.com>
 <a4eef32f-0446-43d7-3291-8034423122f0@yandex.ru>
 <CAOtMX2jroiz57KyQZUk+4aW4=_1m=Qs7wEP=_3pEVL+E2jg22A@mail.gmail.com>
Cc: FreeBSD Net <freebsd-net@freebsd.org>, Kristof Provost <kp@freebsd.org>
From: Eugene Grosbein <eugen@grosbein.net>
Message-ID: <5A677AC9.10500@grosbein.net>
Date: Wed, 24 Jan 2018 01:11:21 +0700
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <CAOtMX2jroiz57KyQZUk+4aW4=_1m=Qs7wEP=_3pEVL+E2jg22A@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE
 autolearn=no autolearn_force=no version=3.4.1
X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1%
 *      [score: 0.0000] *  2.6 LOCAL_FROM From my domains
 *  1.9 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jan 2018 18:11:40 -0000

23.01.2018 23:17, Alan Somers wrote:

> The man page says that the fwd directive always takes an IP address.  What
> I need is a way to forward the port without changing the IP address.  Is
> that possible in ipfw?

Yes. "ipfw fwd 127.0.0.1,8080 tcp from any to any 80" delivers packets
to local socket listening at port 8080 not touching packet addresses and ports.
And replies are "fixed" so that they are sent from same port (80)
and same address that original incoming packet was sent to.