From owner-freebsd-hackers  Fri Mar  7  0:14:41 2003
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DF27037B407
	for <hackers@freebsd.org>; Fri,  7 Mar 2003 00:14:39 -0800 (PST)
Received: from cultdeadsheep.org (charon.cultdeadsheep.org [80.65.226.72])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4465F43F85
	for <hackers@freebsd.org>; Fri,  7 Mar 2003 00:14:37 -0800 (PST)
	(envelope-from sheepkiller@cultdeadsheep.org)
Received: (qmail 5641 invoked from network); 7 Mar 2003 08:14:35 -0000
Received: from unknown (HELO lucifer.cultdeadsheep.org) (192.168.0.2)
  by goofy.cultdeadsheep.org with SMTP; 7 Mar 2003 08:14:35 -0000
Date: Fri, 7 Mar 2003 09:14:42 +0100
From: Clement Laforet <sheepkiller@cultdeadsheep.org>
To: denb <denb@front.ru>
Cc: freebsd-questions@freebsd.org, hackers@freebsd.org
Subject: Re: Why natd don't divert packets?
Message-Id: <20030307091442.1cad7ae6.sheepkiller@cultdeadsheep.org>
In-Reply-To: <200303070802.h27826Mn058500@www6.mailru.com>
References: <200303070802.h27826Mn058500@www6.mailru.com>
Organization: tH3 cUlt 0f tH3 d3@d sH33p
X-Mailer: Sylpheed version 0.8.10 (GTK+ 1.2.10; i386-portbld-freebsd4.7)
X-Face: 
 ._cVVRDn#-2((lnfi^P7CoD4htI$4+#G/G)!w|,}H5yK~%(3-C.JlEYbOjJGFwJkt*7N^%z
 jYeu[;}]}F"3}l5R'l"X0HbvT^D\Q&%deCo)MayY`);TO
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Fri, 7 Mar 2003 11:02:06 +0300 (MSK)
denb <denb@front.ru> wrote:

> Why natd don't divert packets?
> 
> *********screenshot***********************
> 
> #ipfw add divert 1111 tcp from any to any 7
> #ipfw add divert 1111 tcp from any 7 to any
> #natd  -v -p 1111 -a 172.16.0.102 -redirect_port tcp 172.16.0.253:7 7
> 
> In  [TCP]  [TCP] 172.16.0.104:49169 -> 172.16.0.102:7 aliased to
>            [TCP] 172.16.0.104:49169 -> 172.16.0.253:7
> 
> In  [TCP]  [TCP] 172.16.0.104:49169 -> 172.16.0.102:7 aliased to
>            [TCP] 172.16.0.104:49169 -> 172.16.0.253:7
> 
> ^C
> *********screenshot***********************
> 
> Where is Out[TCP]?
> 
Your boxes seems to be on the same subnet, "out" packets are directly
sent to 172.16.0.104, not 172.16.0.102
nat'ing implies routing, so natd is inefficient in your case

clem

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message