From owner-freebsd-ipfw@FreeBSD.ORG  Wed Nov 28 08:21:22 2007
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4273E16A417
	for <freebsd-ipfw@freebsd.org>; Wed, 28 Nov 2007 08:21:22 +0000 (UTC)
	(envelope-from swun2010@gmail.com)
Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.180])
	by mx1.freebsd.org (Postfix) with ESMTP id 14DA113C459
	for <freebsd-ipfw@freebsd.org>; Wed, 28 Nov 2007 08:21:21 +0000 (UTC)
	(envelope-from swun2010@gmail.com)
Received: by wa-out-1112.google.com with SMTP id k17so1792865waf
	for <freebsd-ipfw@freebsd.org>; Wed, 28 Nov 2007 00:21:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	bh=rOzMdaloCCxw4pKwvLzjGzMLg4R5wIiNR6mGuEsDUOA=;
	b=tyLjliOyck/UAQghAghZawjWs1pn4psSP1iFttnOFy/HNaGtvY/vweMpqYXeKHocxVJxrz90nQzLWqJXskNfxPZ+lcp0RvwBClP+4+y4AK97EJq1YHpkdV7QuXWFDiIDvNdS7jD9g6ml2QEjtMEaxCkfuJEGhCGXLxXCenkrFm4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=R4Z4IsnbFAiRwrVFMg4E3LSjMRcOkDVM/5MJDyb0C07pfo/7cYyJpn5L/1zLoZL6g3BQfaBdBfE8UT7dTJ8iuRprdVxwmnobzfAknMY7yOULJL4yLNka5Zmlo36jvcBoveDLgYHvxlO2Z0pZ6inGAzyyRoLXG33zBm3N9oXQ0Lw=
Received: by 10.114.53.1 with SMTP id b1mr926435waa.1196238081603;
	Wed, 28 Nov 2007 00:21:21 -0800 (PST)
Received: by 10.115.17.14 with HTTP; Wed, 28 Nov 2007 00:21:21 -0800 (PST)
Message-ID: <736c47cb0711280021g2ad48ec2g7bdc0246f027c3b6@mail.gmail.com>
Date: Wed, 28 Nov 2007 19:21:21 +1100
From: "Sam Wun" <swun2010@gmail.com>
To: "Sepherosa Ziehau" <sepherosa@gmail.com>
In-Reply-To: <ea7b9c170711272212x3c0faf9eg6b314669431a821b@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <736c47cb0711271803o46dd89d8te49d5969fd358d15@mail.gmail.com>
	<ea7b9c170711271940m70bb41c2se39a15d3519b98f8@mail.gmail.com>
	<736c47cb0711272018k1e40b1b7v7edfa1d2b5d50891@mail.gmail.com>
	<ea7b9c170711272212x3c0faf9eg6b314669431a821b@mail.gmail.com>
Cc: freebsd-ipfw@freebsd.org
Subject: Re: ipfw forwarding doesn't work - for more than 2 months. ---
	please help
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2007 08:21:22 -0000

On Nov 28, 2007 5:12 PM, Sepherosa Ziehau <sepherosa@gmail.com> wrote:
> On Nov 28, 2007 12:18 PM, Sam Wun <swun2010@gmail.com> wrote:
> > I have read the manpages and freebsd handbook more than 20 tiems.
>
> Oh?  Then I think you must have read this in ipfw manpage:
> ...
> The fwd action does not change the contents of the packet at all.  In
> particular, the destination address remains unmodified, so packets
> forwarded to another system will usually be rejected by that system
> unless there is a matching rule on that system to capture them.
> ...
>
OK, I mis-read that. is that mean I need to implement a rule in the
internal web server?
I t hink I just need to install rinet in this freebsd router  for the
port forwarding.

Thanks

> Best Regards,
> sephe
>
>
> >
> >
> >
> > On Nov 28, 2007 2:40 PM, Sepherosa Ziehau <sepherosa@gmail.com> wrote:
> > > On Nov 28, 2007 10:03 AM, Sam Wun <swun2010@gmail.com> wrote:
> > > > Hi,
> > > >
> > > > I setup the following ipfw rules in freebsd 6.2:
> > > > belmore# ipfw list
> > > > 00001 allow udp from any to any dst-port 500
> > > > 00001 allow esp from any to any
> > > > 00001 allow esp from any to any
> > > > 00001 allow ipencap from any to any
> > > > 00001 allow ipencap from any to any
> > > > 00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in
> > >
> > > I don't think this does the rdr you intended.  Please take a look at
> > > ipfw manpage.
> > >
> > > Best Regards,
> > > sephe
> > >
> > > > I don't know what is wrong that the freebsd server (6.2) can't
> > > > redirect/forward http request to an internal server (web server -
> > > > 192.168.1.222).
> > > >
> > > > Can anyone please give suggestion to modify this rules?
> > > > Or can you please post your workable ipfw rules that achieved the same goal?
> > > >
> > > > Thanks
> > > > S
> > > > _______________________________________________
> > > > freebsd-ipfw@freebsd.org mailing list
> > > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> > > > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
> > > >
> > >
> > >
> > >
> > > --
> > > Live Free or Die
> > > _______________________________________________
> > > freebsd-ipfw@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> > > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
> > >
> >
>
>
>
> --
> Live Free or Die
>