Date: Thu, 21 Apr 2005 13:29:44 -0700
From: patrick <gibblertron@gmail.com>
To: freebsd-questions@freebsd.org
Subject: Forwarding external-bound packets internally with ipfw
Message-ID: <b043a485050421132942116800@mail.gmail.com>
I have a few servers, and I'd like to force secondary servers to deliver mail to the primary via a private network (each server is dual-homed). Mail would be deemed "local" (destined for my LAN) by specifying a bunch of CIDRs. I would like to accomplish this using ipfw's forwarding support, but I am having a problem getting the rule right.

I first tried using ipfw forward, but after reading the man page in greater detail, it seems like this likely won't work.

My next thought is to use ipfw's divert functionality in conjunction with natd, but it is not clear to me how I could tell natd to forward to the correct internal server using the redirect_port option. Ideally, I would like to maintain only one list of IP blocks. Additionally, it seems like natd wants you to define a rule per IP, which will get to be rather annoying when dealing with hundreds of IPs that could easily be classified using a mask.

An example of what I want to do follows:

Server A: public IPs: 1.2.3.0/24, private IP: 192.168.0.1
Server B: public IPs: 2.3.4.0/24, private IP: 192.168.0.2
Server C: public IPs: 3.4.5.0/24, private IP: 192.168.0.3

When Server B accepts mail destined for Server A, I would like it to route through 192.168.0.1 rather than the public IP. The same goes for if Server C accepts mail for Server A or B using the respective internal IP.

This isn't really relevant, but I'm using Postfix as my mailer. It does have an option to force a relay_host, but it will not let you differentiate destinations. This works fine with two hosts on the network, but not for three or more.

Any ideas of how I could accomplish this?

Thanks very much,
Patrick