Date: Thu, 14 May 1998 21:10:12 +0300 From: Ari Suutari <ari@suutari.iki.fi> To: Philippe Regnauld <regnauld@deepo.prosa.dk> Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPFW + natd -redirect_port Message-ID: <355B3384.55681C04@suutari.iki.fi> References: <19980514143208.15101@deepo.prosa.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Philippe Regnauld wrote: > Example: redirect tcp port 80 on outside-A to tcp port 80 on B. > > I've played around a bit but haven't got anything significant > other than natd effectively logging packets, with the following setup: > > ipfw add 100 divert 6668 tcp from any to outside-A 80 This rule handles only incoming packets, not outgoing ones. I have usually used ipfw add divert 6668 ip from any to any via ep0 to make all traffic on internet interface to go through natd. Passing only some packets through nat and others directly might give you a conflict with port numbers. > > and > > natd -log -redirect_port B:80 80 -interface ep0 (ep0 being the outside-A NIC). > This should be quite OK, remember that you must also have rule that allows traffic from external hosts to B:80. Like this: ipfw add pass tcp from any to any established ipfw add pass tcp from any to B 80 setup Ari S. <ari@suutari.iki.fi> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?355B3384.55681C04>