Date: Mon, 3 Nov 2003 02:32:26 +0100
From: Erik Trulsson
To: Chris Hill
Cc: FreeBSD Questions List
Subject: Re: Divert port 80 to internal server
Message-ID: <20031103013225.GA1481@falcon.midgard.homeip.net>
In-Reply-To: <20031102191139.F40186-100000@frambozen.monochrome.org>

On Sun, Nov 02, 2003 at 08:20:48PM -0500, Chris Hill wrote:
> I'm trying to set up an internal machine to serve all my web sites. I
> have one routable IP and a slew of inside machines on 192.168.1.*, one
> of which is to be the web server.
>
> My gateway machine (running the ipfw in question) is an ancient FreeBSD
> running ipfw and natd:
>
> # uname -a
> FreeBSD mail.monochrome.org 3.3-RELEASE FreeBSD 3.3-RELEASE #0: (etc...)

Considered updating? I am fairly sure there are a number of bugs and
security problems that have been fixed since 3.3 came out.

>
> I'm trying to set up a rule under ipfw which will send all requests for
> port 80 to the internal machine. The web server's name is faro and its
> internal IP is defined in /etc/hosts all over my LAN. I've tried a bunch
> of different ipfw commands in /etc/rc.firewall, such as

Take a look at the '-redirect_port' option to natd(8). I believe it
does exactly what you want. Let natd handle the redirection rather than
ipfw.

-- 
Erik Trulsson
ertr1013@student.uu.se
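
As an added illustration, not part of the original message: a natd configuration fragment using the option mentioned above. The interface name `ed0`, the file path `/etc/natd.conf` and the address `192.168.1.10` for faro are assumptions; the thread does not give them.

```conf
# /etc/natd.conf (assumed path; pass it to natd with -f)
# Outside interface carrying the single routable IP (assumed name).
interface ed0
# Forward inbound TCP connections on public port 80 to port 80 on the
# internal web server. 192.168.1.10 is a constructed address for faro.
redirect_port tcp 192.168.1.10:80 80
```

Only TCP port 80 is forwarded; the ipfw ruleset must still divert traffic on the outside interface to natd and allow the translated packets through to the web server.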