From owner-freebsd-questions@FreeBSD.ORG Sun Aug 8 22:54:33 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 308CA16A4CE for ; Sun, 8 Aug 2004 22:54:33 +0000 (GMT) Received: from grog.secure-computing.net (grog.secure-computing.net [63.228.14.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id B218B43D1D for ; Sun, 8 Aug 2004 22:54:32 +0000 (GMT) (envelope-from ecrist@secure-computing.net) Received: from Nomad (nat-server.secure-computing.net [63.228.14.245]) (authenticated bits=0)i78MsQiH003311; Sun, 8 Aug 2004 17:54:26 -0500 (CDT) (envelope-from ecrist@secure-computing.net) From: "Eric Crist" To: , Date: Sun, 8 Aug 2004 17:30:50 -0500 Message-ID: <006701c47d97$5e6f6970$6401a8c0@Nomad> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 In-Reply-To: <200408081843.21513.mailist@whoweb.com> Importance: Normal X-Virus-Scanned: clamd / ClamAV version 0.74, clamav-milter version 0.74a on grog.secure-computing.net X-Virus-Status: Clean Subject: RE: IPFW/NATD Transparent Proxy X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Aug 2004 22:54:33 -0000 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of > mailist@whoweb.com > Sent: Sunday, August 08, 2004 5:43 PM > To: freebsd-questions@freebsd.org > Subject: Re: IPFW/NATD Transparent Proxy > > > > On Sunday 08 August 2004 04:38 pm, JJB wrote: > > A new rewrite of the FreeBSD handbook firewall section is currently > > being made ready for update to the handbook. You can get an > in-process > > copy from www.a1poweruser.com/FBSD_firewall/ > > The firewall rewrite only deals with a single public nic and > a single internal nic and does not have the information I require. > > > From what you posted looks like you want public internet users to > > access web server on one of your LAN machines. Both ipfw > and ipfilter > > does this normally with port redirect. > > No, I want a user on 192.168.1.247 to be redirected to > 192.168.2.250:80 when > they request 1.2.3.4:80, where 1.2.3.4 is a PUBLIC ip number > on the FreeBSD > internet gateway. Again, the configuration is > de0 = PUBLIC IP = 1.2.3.4 > de1 = 192.168.1.1 > de2 = 192.168.2.1 > > I don't have a problem with incoming requests for 1.2.3.4:80 > from the Internet > being redirected to 192.168.2.250. That works fine. But I > want someone on > 192.168.1.247 to ALSO be redirected to 192.168.2.250:80 when > they request the > public address 1.2.3.4:80. > Could you send us (or me, peronally) your firewall script, and the address you want to use? Thanks. Eric F Crist