From owner-freebsd-questions  Sat Jan  5 18:47:11 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from hawk.prod.itd.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22])
	by hub.freebsd.org (Postfix) with ESMTP id D9F6537B41A
	for <questions@freebsd.org>; Sat,  5 Jan 2002 18:47:08 -0800 (PST)
Received: from user-38lc2j1.dialup.mindspring.com ([209.86.10.97] helo=gohan.cjclark.org)
	by hawk.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16N3Kz-0004pi-00; Sat, 05 Jan 2002 18:47:07 -0800
Received: (from cjc@localhost)
	by gohan.cjclark.org (8.11.6/8.11.1) id g062kgI09895;
	Sat, 5 Jan 2002 18:46:42 -0800 (PST)
	(envelope-from cjc)
Date: Sat, 5 Jan 2002 18:46:41 -0800
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Dean Hollister <dean@odyssey.apana.org.au>
Cc: questions@freebsd.org
Subject: Re: ipfw question
Message-ID: <20020105184641.G204@gohan.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <5.1.0.14.2.20020104083511.00ba2270@Pop3.norton.antivirus> <20020103184834.R61032-100000@odyssey.apana.org.au> <20020103184834.R61032-100000@odyssey.apana.org.au> <20020103143914.D236@gohan.cjclark.org> <5.1.0.14.2.20020104083511.00ba2270@Pop3.norton.antivirus> <20020104142051.A1205@gohan.cjclark.org> <5.1.0.14.2.20020106094620.033b5fb8@Pop3.norton.antivirus>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <5.1.0.14.2.20020106094620.033b5fb8@Pop3.norton.antivirus>; from dean@odyssey.apana.org.au on Sun, Jan 06, 2002 at 09:48:27AM +0800
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Sun, Jan 06, 2002 at 09:48:27AM +0800, Dean Hollister wrote:
> At 14:20 04/01/2002 -0800, Crist J. Clark wrote:
> 
> >I wouldn't bother writing that first ",100" since it is meaningless,
> >but that should work.
> 
> Tried removing the line, but an outgoing connection request fails with 
> connection refused. There is a TCP service running on the port on the 
> external machine.
> 
>       Machine A                  Machine B
>          1.1.1.1                 2.2.2.2
> 
> I need to divert any outgoing packet on port 100 to any host over to the 
> same port on machine B.

  # ipfw add fwd 2.2.2.2 from 1.1.1.1 to any 100 out

Should do it, provided,

  1) 2.2.2.2 is local to 1.1.1.1

  2) This is _really_ what you want to do. You do realize that the
  fwd'ed packet is NOT modified. Machine B will receive a datagram
  without the destination address changed in any way (if 1.1.1.1 was
  sending a datagram to 3.3.3.3, port 100, Machine B will receive a
  datagram with a destination address of 3.3.3.3, port 100).

As I think I said before, you probably actually want to do NAT of some
sort.
-- 
"It's always funny until someone gets hurt. Then it's hilarious."

Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message