Date: Fri, 2 May 2003 14:32:49 -0600 (MDT) From: Nick Rogness <nick@rogness.net> To: Bill Moran <wmoran@potentialtech.com> Cc: freebsd-questions@freebsd.org Subject: Re: Transparent UDP redirection Message-ID: <20030502142402.T16303-100000@skywalker.rogness.net> In-Reply-To: <3EB2AC67.5080200@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2 May 2003, Bill Moran wrote: > Jonathan wrote: > > Hi all, > > > > I'm trying to temporarily move a radius server from one box to another. > > The only problem at the moment is that I tried using portfwd to divert > > traffic between the boxes, but it doesn't support transparent proxies > > under FreeBSD, so the source address isn't showing up correctly. > > > > Can anyone suggest a port/package that has this feature? I think > > ipfw/ipfilter is overkill for this, but I've been wrong before :) > > Should be able to make natd use -redirect_port to accomplish this (in > base system) Doesn't RADIUS have redirect functions built into the > protocol that you could use? (not sure, it's been a while) Most common radius servers support proxy forwarding to another radius server. This is usually a better solution :-) If you want to forward on a lower layer, just use: # ipfw add divert natd ip from any to any via $INT # natd -redirect_port udp $NEW_IP:1645 $OLD_IP:1645 -redirect_port udp $NEW_IP:1646 $OLD_IP:1646 -n $INT Or the equivalent ipfilter map commands. Nick Rogness <nick@rogness.net> - How many people here have telekenetic powers? Raise my hand. -Emo Philips
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030502142402.T16303-100000>