Date:      Tue, 13 Jun 2000 12:53:30 -0400 (EDT)
From:      Andy Dills <andy@xecu.net>
To:        cjclark@alum.mit.edu
Cc:        "purpledreams.com system administrator" <super@purpledreams.com>, freebsd-ipfw@FreeBSD.ORG
Subject:   Re: Hijacking DNS with ipfw
Message-ID:  <Pine.GSO.4.21.0006121047220.8612-100000@shell.xecu.net>
In-Reply-To: <20000610121626.A1197@dialin-client.earthlink.net>

On Sat, 10 Jun 2000, Crist J. Clark wrote:

> On Sat, Jun 10, 2000 at 12:30:23PM -0400, Andy Dills wrote:
> 
> [snip]
> 
> > The problem is, AFAIK nat will not do that under any circumstances. I
> > tried this approach already:
> > 
> > (I'm running one instance of natd on 8668 already. According to the manpage
> > for natd, -reverse is the closest approximation to what I'm trying to do)
> > 
> > natd -p 8669 -alias_address <primary ip of inside card> -reverse
> > ipfw add 10 divert 8669 udp from any to any 53 via xl1
> > ipfw add 11 fwd 127.0.0.1,53 udp from <ip from the natd command> to any 53
> > 
> > That's the only way I can think of to do this with nat, and that didn't
> > work either.
> 
> Shouldn't this be,
> 
>   # cat /etc/natd_dns.conf  # command line for natd getting long
>   port 8669
>   interface xl1
>   reverse
>   redirect_address <internal IP> 0.0.0.0
>   # natd -f /etc/natd_dns.conf
>   # ipfw add 10 divert 8669 udp from any to any 53 via xl1
>   # ipfw add 11 divert 8669 tcp from any to any 53 via xl1

FWIW, this still didn't do the trick. Because the method I originally
wanted to use worked fine for http, I'm 99% sure the source of the problem
is with named. I'm off to beat on those bushes, to see if the bind
developers can explain it.

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access




