Date: Thu, 3 Jan 2002 14:39:14 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Dean Hollister <dean@odyssey.apana.org.au> Cc: questions@FreeBSD.ORG Subject: Re: ipfw question Message-ID: <20020103143914.D236@gohan.cjclark.org> In-Reply-To: <20020103184834.R61032-100000@odyssey.apana.org.au>; from dean@odyssey.apana.org.au on Thu, Jan 03, 2002 at 06:51:03PM %2B0800 References: <20020103184834.R61032-100000@odyssey.apana.org.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 03, 2002 at 06:51:03PM +0800, Dean Hollister wrote: > > Hello, > > I've combed through the handbook and faq...I'm stuck on one particular > type of ipfw rule. > > I want to redirect any outgoing tcp connections on a specific port to > another host,port. For example: You cannot use 'fwd' to forward packets to a different port on another host. > ipfw add 90 fwd 1.1.1.1,100 tcp from localhost to any 100 out There are a two problems here. First, specifying the port in the 'fwd' command is meaningless if 1.1.1.1 is a remote host. Second, do you really want to redirect packets with a source IP address of 127.0.0.1? Those should never go over the wire. > The command accepts, but when I attempt a connection, the packets are not > being filtered. What am I doing wrong? Not being "filtered?" I suspect that you are actually trying to do NAT or the like here? http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/networking.html#SERVICE-REDIRECT -- "It's always funny until someone gets hurt. Then it's hilarious." Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020103143914.D236>