Date: Sat, 27 Jan 2001 17:06:21 -0800 From: "Crist J. Clark" <cjclark@reflexnet.net> To: Kal Torak <kaltorak@quake.com.au> Cc: FreeBSD-stable <freebsd-stable@FreeBSD.ORG> Subject: Re: ipfw forwarding (more info) Message-ID: <20010127170621.M10761@rfx-216-196-73-168.users.reflex> In-Reply-To: <3A732EFB.E7E743BA@quake.com.au>; from kaltorak@quake.com.au on Sun, Jan 28, 2001 at 07:26:35AM %2B1100 References: <3A72CB47.7A5DD83@quake.com.au> <20010127220257.B28504@nevermind.kiev.ua> <3A732BE9.F559820D@quake.com.au> <3A732EFB.E7E743BA@quake.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jan 28, 2001 at 07:26:35AM +1100, Kal Torak wrote:
> Kal Torak wrote:
> >
> > Nevermind wrote:
> > >
> > > Hello, Kal Torak!
> > >
> > > On Sun, Jan 28, 2001 at 12:21:11AM +1100, you wrote:
> > >
> > > > Ok, so I have another FreeBSD box running a server on port 27015/udp
> > > > and I put a rule in my ipfw list saying "${fwcmd} 600 fwd 10.0.0.4 udp from
> > > > any to any 27015" this seems like it should do the job, and when I connect
> > > should this be:
> > > ${fwcmd} 600 fwd 10.0.0.4,27015 udp from any to any 27015
> > > ?
> > >
> > > Correct me if I wrong...
> >
> > AFAIK you only need to specify the destination port if its different from the
> > source...
And the port would have no meaning when forwarding to another
machine just like it says in the manpage.
> > I just dont get this... it *should* work from what I know... yet it doesnt...
> >
> > I am considering recompiling with ipf and see if I can get that to do what I
> > want.. but thats a bit of a pain since ipfw should be able to do this...
>
> After some more fiddling around, I have noticed that the ipfw rule is
> hit, but nothing seems to happen... The data just continues on to the
> local port instead of being forwarded to the remote one...
Are you sure? Please try,
# tcpdump -i <iface> -en port 27015
On each interface that would be involved.
> Maybe I am missing something that needs to be loaded for this to work?
No, forwarding is all in the kernel (or KLD module).
But I suspect you really don't want to forward packets, but actually
want to do NAT.
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010127170621.M10761>