From owner-freebsd-ipfw@FreeBSD.ORG  Fri Nov 14 16:21:04 2014
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6E1E0FA1
 for <freebsd-ipfw@freebsd.org>; Fri, 14 Nov 2014 16:21:04 +0000 (UTC)
Received: from cu01078b.smtpx.saremail.com (cu01078b.smtpx.saremail.com
 [195.16.151.53])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 2F121D38
 for <freebsd-ipfw@freebsd.org>; Fri, 14 Nov 2014 16:21:03 +0000 (UTC)
Received: from [172.16.2.46] (izaro.sarenet.es [192.148.167.11])
 by proxypop04.sare.net (Postfix) with ESMTPSA id 1B9399DC67B
 for <freebsd-ipfw@freebsd.org>; Fri, 14 Nov 2014 17:13:49 +0100 (CET)
From: Egoitz Aurrekoetxea <egoitz@ramattack.net>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Questions about ipfw
Message-Id: <B56977EE-04D3-4B54-841E-2FAF1E840BED@ramattack.net>
Date: Fri, 14 Nov 2014 17:13:47 +0100
To: freebsd-ipfw@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1990.1\))
X-Mailer: Apple Mail (2.1990.1)
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 16:21:04 -0000

Good afternoon,

I wanted to formulate a couple of questions I=E2=80=99m doing my self =
some time ago.=20

1 - With Linux, Iptables and mod_conntrack_ftp you can allow only =
connecting to unprivileged port ranges for=20
ftp passive mode to ip addresses who have properly established a tcp/21 =
port connection. Is this possible in=20
FreeBSD with ipfw?.

2.- I am a client A connecting to public ip 1.1.1.1 (for example) of =
host B. I want this packets at B to be redirected to host C
but changing the source address of A from that packets with the ip =
address of B. Later when B receives back the answer of C
that packets from the answer to be redirected to A changing B =
destination ip address to A destination ip address. So when telnetting
from client A to host B for example to port 5000, really, to be =
telnetting host C port 5000 for example and work this telnet properly =
from A.

The most important question is number two. Could you help me please?.

Best regards.=