Date: Wed, 22 Nov 2000 08:12:04 -0700 (MST) From: Nick Rogness <nick@rapidnet.com> To: Yusuf Goolamabbas <yusufg@outblaze.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: Port redirection using ipfw Message-ID: <Pine.BSF.4.21.0011220807540.67876-100000@rapidnet.com> In-Reply-To: <20001122195942.A26979@outblaze.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Nov 2000, Yusuf Goolamabbas wrote: > Hi, I am trying to solve the following problem. I have a machine with > a single Ethernet interface. I would like incoming packets sent to a > certain port on this machine to be redirected/forward to another > machine (different IP/subnet) and a different port > > I compile a 4.2-stable kernel with the following options > > options IPFIREWALL #firewall > options IPFIREWALL_FORWARD #enable transparent proxy support > options IPDIVERT #divert sockets > options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default > > For e.g if the machine is at 10.0.0.2 and I want to forward incoming > packets at port 81 to 192.168.1.2 port 80. I wrote the following ipfw > rule > > > ipfw add fwd 192.168.1.2,80 log tcp from any to 10.0.0.2 81 Use divert (natd) and redirect_port instead of a port forward. There are several issues involved with port forwarding that makes it very tricky, it's just easier to use natd. > > However, this doesn't seem to work. Any ideas where I am going wrong > or this is not possible with ipfw and I need some other toolchain for > this Yes it is possible. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011220807540.67876-100000>