Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 27 Jan 2001 17:06:21 -0800
From:      "Crist J. Clark" <cjclark@reflexnet.net>
To:        Kal Torak <kaltorak@quake.com.au>
Cc:        FreeBSD-stable <freebsd-stable@FreeBSD.ORG>
Subject:   Re: ipfw forwarding (more info)
Message-ID:  <20010127170621.M10761@rfx-216-196-73-168.users.reflex>
In-Reply-To: <3A732EFB.E7E743BA@quake.com.au>; from kaltorak@quake.com.au on Sun, Jan 28, 2001 at 07:26:35AM %2B1100
References:  <3A72CB47.7A5DD83@quake.com.au> <20010127220257.B28504@nevermind.kiev.ua> <3A732BE9.F559820D@quake.com.au> <3A732EFB.E7E743BA@quake.com.au>
index | next in thread | previous in thread | raw e-mail 

On Sun, Jan 28, 2001 at 07:26:35AM +1100, Kal Torak wrote:
> Kal Torak wrote:
> > 
> > Nevermind wrote:
> > >
> > > Hello, Kal Torak!
> > >
> > > On Sun, Jan 28, 2001 at 12:21:11AM +1100, you wrote:
> > >
> > > > Ok, so I have another FreeBSD box running a server on port 27015/udp
> > > > and I put a rule in my ipfw list saying "${fwcmd} 600 fwd 10.0.0.4 udp from
> > > > any to any 27015" this seems like it should do the job, and when I connect
> > > should this be:
> > > ${fwcmd} 600 fwd 10.0.0.4,27015 udp from any to any 27015
> > > ?
> > >
> > > Correct me if I wrong...
> > 
> > AFAIK you only need to specify the destination port if its different from the
> > source...

And the port would have no meaning when forwarding to another
machine just like it says in the manpage.

> > I just dont get this... it *should* work from what I know... yet it doesnt...
> > 
> > I am considering recompiling with ipf and see if I can get that to do what I
> > want.. but thats a bit of a pain since ipfw should be able to do this...
> 
> After some more fiddling around, I have noticed that the ipfw rule is
> hit, but nothing seems to happen... The data just continues on to the
> local port instead of being forwarded to the remote one...

Are you sure? Please try,

  # tcpdump -i <iface> -en port 27015

On each interface that would be involved.

> Maybe I am missing something that needs to be loaded for this to work?

No, forwarding is all in the kernel (or KLD module).

But I suspect you really don't want to forward packets, but actually
want to do NAT.
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010127170621.M10761>