From owner-freebsd-ipfw@FreeBSD.ORG Sat Nov 6 15:50:02 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 58CC016A4CE for ; Sat, 6 Nov 2004 15:50:02 +0000 (GMT) Received: from smtpauth08.mail.atl.earthlink.net (smtpauth08.mail.atl.earthlink.net [209.86.89.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FB1643D31 for ; Sat, 6 Nov 2004 15:50:02 +0000 (GMT) (envelope-from martes.wigglesworth@earthlink.net) Received: from [213.209.169.198] (helo=[192.168.1.50]) by smtpauth08.mail.atl.earthlink.net with asmtp (TLSv1:AES256-SHA:256) (Exim 4.34) id 1CQSpD-0003pB-BM for freebsd-ipfw@freebsd.org; Sat, 06 Nov 2004 10:50:01 -0500 From: Martes Wigglesworth To: ipfw-mailings Content-Type: text/plain Organization: Wiggtekmicro Corporation Message-Id: <1099756198.703.4.camel@Mobile1.276NET> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Sat, 06 Nov 2004 18:49:58 +0300 Content-Transfer-Encoding: 7bit X-ELNK-Trace: 532caf459ba90ce6996df0496707a79d9bea09fe345ed53d9ef193a6bfc3dd486784e266ebcab6c1b557441a8a6228378093ec8fa1ef8ec6350badd9bab72f9c X-Originating-IP: 213.209.169.198 Subject: More specific diverting rules... X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: martes.wigglesworth@earthlink.net List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Nov 2004 15:50:02 -0000 Greetings list. I am trying to explore the abilities of ipfw to divert more specific traffic patterns. Has anyone been able to successfully divert only specific entities to the outside word, and only specific replies, as follows: divert natd ip from ${int_net} to any out xmit ${ext_dev} divert natd ip from any to ${int_net} in recv ${ext_dev} I have not read a good explanation of what the significance of the divert address/device, is. Does the interface in the last example have to be the external device, or do I need to designate the internal address that the int_net is running on, within the natd machine? Any help would be splended. Thanks. -- Respectfully, M.G.W. System: Asus M6N Intel Dothan 1.7 512MB RAM 40GB HD 10/100/1000 NIC Wireless b/g (not working yet) BSD-5.2.1 GCC-3.3.5/3.3.3(until I replace indigenous gcc) IFORT-for linux(Intell Fortran) gfortran python-2.3 Perl-5.6.1/5.8.5 Java-sdk-1.4.2_5 KDE-3.1.4