Date: Wed, 14 Dec 2005 05:20:39 +1100 From: Peter Jeremy <PeterJeremy@optushome.com.au> To: OxY <oxy@field.hu> Cc: freebsd-hackers@freebsd.org Subject: Re: ipfw forwarding Message-ID: <20051213182039.GF77268@cirb503493.alcatel.com.au> In-Reply-To: <001701c6000a$86eab700$0201a8c0@oxy> References: <001701c6000a$86eab700$0201a8c0@oxy>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2005-Dec-13 18:27:43 +0100, OxY wrote:
>i used this rule:
>
>$cmd 00316 fwd x.x.x.x.204,80 tcp from any to x.x.x.28 80
>
>what's wrong with it?
You don't mention what is happening or not happening (running tcpdump
and following packets as they go from system to system can be useful)
but there are two issues you may not have considered.
1) Have you considered what will happen to packets being returned from
the server on .28 to the client?
2) ipfw(8) states:
The fwd action does not change the contents of the packet at all.
In particular, the destination address remains unmodified, so
packets forwarded to another system will usually be rejected by
that system unless there is a matching rule on that system to
capture them. For packets forwarded locally, the local address
--
Peter Jeremy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051213182039.GF77268>