From owner-freebsd-questions@freebsd.org  Tue Jun 18 16:50:31 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1264315C2A79
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Tue, 18 Jun 2019 16:50:31 +0000 (UTC) (envelope-from johnl@iecc.com)
Received: from gal.iecc.com (gal.iecc.com
 [IPv6:2001:470:1f07:1126:0:43:6f73:7461])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "gal.iecc.com", Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7DF8685216
 for <freebsd-questions@freebsd.org>; Tue, 18 Jun 2019 16:50:30 +0000 (UTC)
 (envelope-from johnl@iecc.com)
Received: (qmail 67583 invoked from network); 18 Jun 2019 16:50:29 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com;
 h=date:message-id:from:to:subject:mime-version:content-type:content-transfer-encoding;
 s=107fb.5d091655.k1906; i=johnl-iecc.com@submit.iecc.com;
 bh=owmSGEubJ/Jefx0P8IqKYO6WBVRRT9vdhktIHcSEDCc=;
 b=r+j1isViTgqdRWy7FL9nIJFOOUITAv/tYLKHeZecuSuUSxUDT8Zrj2N/qaSkvhLfy4R4T0wF9DeAJchX57Q9fzeuGJlBC8HorKkqwGP1anUnWasF8MD5T6Zm9wUF2tNqXEIw5mDQVBr9Nat41+vu2wH4hO+GGeKwoVSCO8amgxm6Xoy+10sj+L9RMJ3oX0pKQzXrZxWT7T+qD3n3AByady9Bcz+udiplPxXC49ZLWtgpLRvd4Sa9PrafXoXVsN/n
Received: from ary.qy ([64.246.232.221]) by imap.iecc.com ([64.57.183.75])
 with ESMTPSA (TLS1.2 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP;
 18 Jun 2019 16:50:28 -0000
Received: by ary.qy (Postfix, from userid 501)
 id 83C662015F9118; Tue, 18 Jun 2019 12:50:27 -0400 (EDT)
Date: 18 Jun 2019 12:50:27 -0400
Message-Id: <20190618165028.83C662015F9118@ary.qy>
From: "John Levine" <johnl@iecc.com>
To: freebsd-questions@freebsd.org
Subject: IPFW redirect to another port?
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2019 16:50:31 -0000

I would like to use ipfw to redirect incoming port 53 requests from a
few IP addresses to a different port, so I can use a custom DNS server
to answer them.  I can figure out how to redirect their traffic to,
say, port 5553, but the responses come from 5553 which of course
doesn't work.

Any suggestions about how to adjust the port numbers going both ways?  It's
fine if they screw up other traffic to those IPs.  TIA.