From owner-freebsd-hackers Tue Jun 30 19:19:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA29841 for freebsd-hackers-outgoing; Tue, 30 Jun 1998 19:19:52 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA29735 for ; Tue, 30 Jun 1998 19:19:05 -0700 (PDT) (envelope-from julian@whistle.com) Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id TAA18769; Tue, 30 Jun 1998 19:14:15 -0700 (PDT) Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpd018763; Wed Jul 1 02:14:13 1998 Date: Tue, 30 Jun 1998 19:14:08 -0700 (PDT) From: Julian Elischer To: Evren Yurtesen cc: hackers@FreeBSD.ORG Subject: Re: hello (proxy redirect) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG you need to use natd.. what natd does is to rewrite the packet.. So you would use ipfw to divert packets to natd and natd will rewrite them so that they want to go to 8080 (I have not the exact syntax, but there are examples in the natd documentation I believe) with the following line in /etc/services, natd 6668/divert # Network Address Translation socket I would imagine that rules of the form: ipfw add divert natd ip from any to any 80 in recv ed0 this will take packets coming in on ed0 (or your LAN port) and direct them to the natd process waiting in divert port 6668 Natd will resend them to 8080 you then need the reverse. ipfw add 1 divert natd ip from [youripaddress] 8080 to any which should capture the return packets and convert them back. you then would use the -redirect_port option to natd do do the mapping. This is all theoretical as I've never done it this way. maybe someone else who HAS done it can give corrections. julian On Wed, 1 Jul 1998, Evren Yurtesen wrote: > well I use a configuration line like this > > ipfw add 1 divert 8080 tcp from any to 195.174.18.2 80 > > is this enough or should I use natd too ? > > On Wed, 1 Jul 1998, Evren Yurtesen wrote: > > > hello > > first thank you for writing an answer to my stupid question :) > > well, I am trying to do that ipfw thing for hours and now it is 4:00am > > here... > > I use 2.2.6 release of freebsd, may I apply the patch? > > anyway even if I may, I do not know how to do it... > > is there any easier way to get the patches and appy and compile > > the ipfw ? > > eh, I am not a unix guru yet :) > > > > thank you > > Evren > > > > > I have a patch for -currnet in > > > http://www.freebsd.org/~julian > > > > > > that allows you to do this > > > > > > I know the patch has a silly typo in it at the moment. > > > (it get's an error on compile but it's easy to dee what's wrong and fix > > > it) > > > > > > I think you can also use natd to do it less efficiently. > > > > > > peter wemm (peter@freebsd.org) has a version of these patches for 2.2.x. > > > > > > > > > > > > On Wed, 1 Jul 1998, Evren Yurtesen wrote: > > > > > > > hello > > > > I want to capture all frames sent to port 80 > > > > and I want to send them to port 8080 which my > > > > proxy server runs. > > > > how may I do it ? > > > > also I guess the reverse action. > > > > > > > > > > > > +--------------------------------------------------------+ > > > > | Name : Evren Yurtesen - yurtesen@ispro.net.tr | > > > > | S-mail: Mithatpasa Cad. No:1079/13 35290 Guzelyali | > > > > | Home:+90-232-2857604 Work:+90-232-2463992 Izmir/TURKEY | > > > > +--------------------------------------------------------+ > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message