From owner-freebsd-net  Sun Mar  9 15:46:17 2003
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 73C2437B401; Sun,  9 Mar 2003 15:46:15 -0800 (PST)
Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id D745143F75; Sun,  9 Mar 2003 15:46:14 -0800 (PST)
	(envelope-from crist.clark@attbi.com)
Received: from blossom.cjclark.org (12-234-89-252.client.attbi.com[12.234.89.252])
          by rwcrmhc51.attbi.com (rwcrmhc51) with ESMTP
          id <2003030923461405100kke3ke>; Sun, 9 Mar 2003 23:46:14 +0000
Received: from blossom.cjclark.org (localhost. [127.0.0.1])
	by blossom.cjclark.org (8.12.6/8.12.3) with ESMTP id h29NkDeq088701;
	Sun, 9 Mar 2003 15:46:13 -0800 (PST)
	(envelope-from crist.clark@attbi.com)
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.12.6/8.12.6/Submit) id h29Nk9Zj088700;
	Sun, 9 Mar 2003 15:46:09 -0800 (PST)
X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f
Date: Sun, 9 Mar 2003 15:46:08 -0800
From: "Crist J. Clark" <crist.clark@attbi.com>
To: denb <denb@front.ru>
Cc: freebsd-net@FreeBSD.ORG, ipfw@FreeBSD.ORG
Subject: Re: Why natd don't divert packets?
Message-ID: <20030309234608.GA88267@blossom.cjclark.org>
Reply-To: "Crist J. Clark" <cjc@FreeBSD.ORG>
References: <200303070800.h2780hWF058395@www6.mailru.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200303070800.h2780hWF058395@www6.mailru.com>
User-Agent: Mutt/1.4i
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

On Fri, Mar 07, 2003 at 11:00:43AM +0300, denb wrote:
> Why natd don't divert packets?
> 
> *********screenshot***********************
> 
> #ipfw add divert 1111 tcp from any to any 7
> #ipfw add divert 1111 tcp from any 7 to any
> #natd  -v -p 1111 -a 172.16.0.102 -redirect_port tcp 172.16.0.253:7 7
> 
> In  [TCP]  [TCP] 172.16.0.104:49169 -> 172.16.0.102:7 aliased to
>            [TCP] 172.16.0.104:49169 -> 172.16.0.253:7
> 
> In  [TCP]  [TCP] 172.16.0.104:49169 -> 172.16.0.102:7 aliased to
>            [TCP] 172.16.0.104:49169 -> 172.16.0.253:7
> 
> ^C
> *********screenshot***********************

Looks like its working perfectly.

> Where is Out[TCP]?

Dunno.

> Rules after natd running (why second rule has 0 in packets number?):
> 
> *********screenshot***********************
> #ipfw show
> 0001  6  180 divert 1111 tcp from any to any dst-port 7
> 0002  0    0 divert 1111 tcp from any 7 to any
> *********screenshot***********************

Are you sure 172.16.253 is responding?

  # ipfw add divert 1111 tcp from any to any 7
  # ipfw add count tcp from any 7 to any
  # ipfw add divert 1111 tcp from any 7 to any

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message