From owner-freebsd-stable Sun Jan 28 19:53:21 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 71B7437B400 for ; Sun, 28 Jan 2001 19:53:01 -0800 (PST) Received: from rfx-216-196-73-168.users.reflexcom.com ([216.196.73.168]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Sun, 28 Jan 2001 19:50:57 -0800 Received: (from cjc@localhost) by rfx-216-196-73-168.users.reflexcom.com (8.11.1/8.11.1) id f0T3qxw92781; Sun, 28 Jan 2001 19:52:59 -0800 (PST) (envelope-from cjc) Date: Sun, 28 Jan 2001 19:52:58 -0800 From: "Crist J. Clark" To: Kal Torak Cc: FreeBSD-stable Subject: Re: ipfw forwarding (more info) Message-ID: <20010128195258.B91447@rfx-216-196-73-168.users.reflex> Reply-To: cjclark@alum.mit.edu References: <3A72CB47.7A5DD83@quake.com.au> <20010127220257.B28504@nevermind.kiev.ua> <3A732BE9.F559820D@quake.com.au> <3A732EFB.E7E743BA@quake.com.au> <20010127170621.M10761@rfx-216-196-73-168.users.reflex> <3A7411CF.816DA573@quake.com.au> <20010128132028.W10761@rfx-216-196-73-168.users.reflex> <3A74AA27.9E30C7C2@quake.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <3A74AA27.9E30C7C2@quake.com.au>; from kaltorak@quake.com.au on Mon, Jan 29, 2001 at 10:24:23AM +1100 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Jan 29, 2001 at 10:24:23AM +1100, Kal Torak wrote: > > > Yeah using the redirect_port option in natd works, but I dont understand > > > why it doesnt work with ipfw... I thought natd might be stopping, but even > > > having the fwd rule before the divert to natd rule doesnt change anything.. > > > Dose ipfw fwd even work to remote machines? > > > > Yes, it works. No, it does not work how you want it to. The 'fwd' > > directive does exactly what it says, it forwards a packet to some > > location. What it does NOT do is change the packet in any way. That > > is, when you forward a packet to another machine, the packet arrives > > at the next machine (or next hop on the way there) with the > > destination IP address unchanged from the original packet. I doubt the > > machine you are sending this to does anything with a packet not > > addressed to it. > > Ahhh, now I see... And since the packet was addressed to the machine that > was forwarding it, it never actually went anywhere... No, it will still be forwarded (it will pe passed at layer 2) to the next hop machine... But what that box does with it (what you want it to or something else), I can't say. > I had thought the fwd rule changed the destination address on the packet > not just the next hop address... Nope it does not touch the destination address. Read ipfw(8) very, very carefully again. Could you do me a favor? I've gotten tired of answering this one so I wrote a FAQ entry. If you had ben pointed to the following FAQ item, http://www.unixfreak.org/~dima/home/freebsd/data/FAQ/networking.html#IPFW-FWD Would that have straightened you out? Any suggestions for it? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message