Date: Sun, 19 Mar 2000 21:03:40 +1100 (EST) From: Gavin Cameron <gavin@itworks.com.au> To: questions@freebsd.org Subject: IPFW question Message-ID: <Pine.BSF.4.21.0003192056280.11948-100000@maybe.itworks.com.au>
next in thread | raw e-mail | index | archive | help
Hi all,
I have the following turned in my kernel on under 4.0-RELEASE
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #print information about
# dropped packets
options IPFIREWALL_FORWARD #enable transparent proxy support
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by
default
options IPDIVERT #divert sockets
options IPSTEALTH #support for stealth forwarding
And if I do the following
ipfw add 100 divert 23 log tcp from mach1 to mach2 80
Then I think that if I telnet from mach1 to mach2 on port 80 then I expect
to see a telnet session start up.
Am I right in the way that I read the divert line?
I get lines like
Mar 19 20:57:50 gavin1 /kernel: ipfw: 100 Divert 23 TCP
mach1:1625 mach2:80 in via ed0
in my IPFW logfiles but I don't see a telnet session.
The test is a precursor to getting FreeBSD 4.0 working with squid 2.3 to
act as a transparent proxy for packets directed to it by an Alteon
CacheDirector. If someone already have a working config (both IPFW and
squid) for this scenario and wouldn't mind parting with it I'd be very
appreciative.
Cheers and thanks,
Gavin
[]-----------------------------------+------------------------------------[]
| Gavin Cameron | ITworks Consulting |
| Ph : +61 3 9642 5477 | Level 8, 488 Bourke Street |
| Fax : +61 3 9642 5499 | Melbourne, Victoria |
| Email : gavin@itworks.com.au | Australia, 3000 |
[]-----------------------------------+------------------------------------[]
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003192056280.11948-100000>