From owner-freebsd-ports Sat May 29 6:35:28 1999 Delivered-To: freebsd-ports@freebsd.org Received: from apriori.net (paz.static.shore.net [209.192.153.107]) by hub.freebsd.org (Postfix) with ESMTP id 9236E152A3 for ; Sat, 29 May 1999 06:35:19 -0700 (PDT) (envelope-from paz@apriori.net) Received: from localhost (paz@localhost) by apriori.net (8.8.8/8.8.8) with ESMTP id JAA08541 for ; Sat, 29 May 1999 09:31:44 -0400 (EDT) (envelope-from paz@apriori.net) Date: Sat, 29 May 1999 09:31:44 -0400 (EDT) From: paz To: freebsd-ports@FreeBSD.ORG Subject: ipportfw, ipchains + FreeBSD In-Reply-To: <199905291113.EAA32610@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Does FreeBSD have any provision to forward packets while passing or preserving port numbers to hosts behind a masquerading-type firewall? In other words... I have local network at home which uses the non-routable addresses 192.168.*.*. I'm using ipfw and natd and routed on my FreeBSD gateway. The gateway has a single static IP provided by my service provider. Some apps running on my local net (Windows machine) are choking because they aren't getting replies on the same ports they're intitiated on, and so my gateway/firewall machine tosses out the replies to the local client. Doing some extensive web searches, I keep finding port-based forwarding add-ons and software for Linux-based machines, such as ipportfw and ipchains. These appear to support forwarding rules which apply to this situation. But I haven't seen programs offered in the FreeBSD ports collection to do anything like this. Somehow I suspect that grabbing the Linux ipchains, for example, and installing it on my FreeBSD host wouldn't necessarily run right... Comments, suggestions invited. cheers - -- Philip. philip zimmermann paz@apriori.net www.apriori.net ayer, ma usa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message