Date: Fri, 9 Jul 2004 20:35:30 +0300 From: Dancho Penev <dpenev@mnet.bg> To: iaccounts@ibctech.ca Cc: freebsd-questions@FreeBSD.ORG Subject: [fwd] IPFW fwd to remote address (from: iaccounts@ibctech.ca) Message-ID: <20040709173530.GA771@freebsd.vmware.dpsca.bg>
next in thread | raw e-mail | index | archive | help
--mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ----- Forwarded message from Steve Bertrand <iaccounts@ibctech.ca> ----- From: "Steve Bertrand" <iaccounts@ibctech.ca> To: freebsd-ipfw@freebsd.org Date: Fri, 9 Jul 2004 12:44:33 -0400 (EDT) Subject: IPFW fwd to remote address I am trying to set up a forward from one machine to another on a remote network across the Internet. I want to receive requests on one box on port 8080 and simply forward them to a remote machine on the same port. I have tried the following rules, to no avail. I have IPFIREWALL_FORWARD in my kernel (4.10), and # ipfw show reports the hits to the rule. # ipfw add 1000 fwd 216.209.x.x tcp from any to me 8080 # ipfw add 1000 fwd 216.209.x.x,8080 tcp from any to me 8080 # ipfw add 1000 fwd 216.209.x.x tcp from any to me 8080 # ipfw add 1000 fwd 216.209.x.x,8080 from any to any 8080 I can not see the packets going back out of the machine, nor does ipfw log anything at the other end. # tcpdump at the remote end does not pick up any traffic. Does this have something to do with the fact that I am going across the Internet, and it is trying to route the packets back to itself (I understand the dest does not get changed). If so, how could I re-write the packets so they will get delivered? Tks for any help on this Steve _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" ----- End forwarded message ----- You have answered yourself why doesn't forwarding work at this situation. If you want to forward http traffic you may try squid (www/squid) in accelerator mode. --=20 Dancho Penev GnuPG public key: http://www.mnet.bg/~dpenev/gnupg.asc Key fingerprint: E88D 8B7B 3EF6 E9C8 C5D2 7554 2AA8 C347 71A1 4277 --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA7tdiKqjDR3GhQncRAk3/AJwPDnzsVMtqHqIRJb8+CAwtOgPVQwCdFLa4 glrS5fmDWV/4hco8Ov1gpB8= =/AMM -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040709173530.GA771>