From owner-freebsd-questions@FreeBSD.ORG Sat Mar 29 20:09:21 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 104AE106566B for ; Sat, 29 Mar 2008 20:09:21 +0000 (UTC) (envelope-from jessy@sicha.net) Received: from viefep32-int.chello.at (viefep32-int.chello.at [62.179.121.50]) by mx1.freebsd.org (Postfix) with ESMTP id 49C738FC12 for ; Sat, 29 Mar 2008 20:09:19 +0000 (UTC) (envelope-from jessy@sicha.net) Received: from du.sicha.net ([84.113.235.172]) by viefep32-int.chello.at (InterMail vM.7.08.02.02 201-2186-121-104-20070414) with ESMTP id <20080329200918.RCOM12501.viefep32-int.chello.at@du.sicha.net>; Sat, 29 Mar 2008 21:09:18 +0100 X-Virus-Scanned: amavisd-new at sicha.net Message-Id: <67DFEA65-9B33-462F-A95C-5EEF328138AC@sicha.net> From: Robert Jesacher To: Tuc at T-B-O-H.NET In-Reply-To: <200803290025.m2T0PYZc070500@himinbjorg.tucs-beachin-obx-house.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v919.2) Date: Sat, 29 Mar 2008 21:08:49 +0100 References: <200803290025.m2T0PYZc070500@himinbjorg.tucs-beachin-obx-house.com> X-Mailer: Apple Mail (2.919.2) Cc: freebsd-questions@freebsd.org Subject: Re: Quick+easy port redirect X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2008 20:09:21 -0000 On 29.03.2008, at 01:25, Tuc at T-B-O-H.NET wrote: > Hi, > > Is there a quick/easy (cookbook?) way to do port > redirects. Basically I want that anything that leaves > a specific interface to any ip on port 80 go to > 192.168.0.1 port 87. > > I'm using ipfw for some other things so it has to > work and play well with that. > > Thanks, Tuc In case you want to try transparent proxying you need to look into firewalling. I can only tell you how this would work with OpebBSD's PF since I use it myself and quite like it. :-) Have a look at pf.conf(5), but it should work like this (in /etc/ pf.conf): +++++++++++++ int_if = "em0" rdr on $int_if proto tcp from $int_if:network port { 80 } -> 192.168.0.1 port 87 +++++++++++++ In this example you need to specify your network interface as int_if (in my case it is em0) If this doesn't suit your situation, you probably need to give us more information: The kind of network setup you use (eg internal -> firewall -> external) and what needs to connect to and from where. do you have a firewall solution in place (PF, ipfilter, ipfw)? And what do you need to achieve? br & good luck, Robert