Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 5 Jan 2002 18:46:41 -0800
From:      "Crist J. Clark" <cristjc@earthlink.net>
To:        Dean Hollister <dean@odyssey.apana.org.au>
Cc:        questions@freebsd.org
Subject:   Re: ipfw question
Message-ID:  <20020105184641.G204@gohan.cjclark.org>
In-Reply-To: <5.1.0.14.2.20020106094620.033b5fb8@Pop3.norton.antivirus>; from dean@odyssey.apana.org.au on Sun, Jan 06, 2002 at 09:48:27AM %2B0800
References:  <5.1.0.14.2.20020104083511.00ba2270@Pop3.norton.antivirus> <20020103184834.R61032-100000@odyssey.apana.org.au> <20020103184834.R61032-100000@odyssey.apana.org.au> <20020103143914.D236@gohan.cjclark.org> <5.1.0.14.2.20020104083511.00ba2270@Pop3.norton.antivirus> <20020104142051.A1205@gohan.cjclark.org> <5.1.0.14.2.20020106094620.033b5fb8@Pop3.norton.antivirus>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Sun, Jan 06, 2002 at 09:48:27AM +0800, Dean Hollister wrote:
> At 14:20 04/01/2002 -0800, Crist J. Clark wrote:
> 
> >I wouldn't bother writing that first ",100" since it is meaningless,
> >but that should work.
> 
> Tried removing the line, but an outgoing connection request fails with 
> connection refused. There is a TCP service running on the port on the 
> external machine.
> 
>       Machine A                  Machine B
>          1.1.1.1                 2.2.2.2
> 
> I need to divert any outgoing packet on port 100 to any host over to the 
> same port on machine B.

  # ipfw add fwd 2.2.2.2 from 1.1.1.1 to any 100 out

Should do it, provided,

  1) 2.2.2.2 is local to 1.1.1.1

  2) This is _really_ what you want to do. You do realize that the
  fwd'ed packet is NOT modified. Machine B will receive a datagram
  without the destination address changed in any way (if 1.1.1.1 was
  sending a datagram to 3.3.3.3, port 100, Machine B will receive a
  datagram with a destination address of 3.3.3.3, port 100).

As I think I said before, you probably actually want to do NAT of some
sort.
-- 
"It's always funny until someone gets hurt. Then it's hilarious."

Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020105184641.G204>