From owner-freebsd-net@FreeBSD.ORG Wed Sep 13 06:50:19 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0880F16A416 for ; Wed, 13 Sep 2006 06:50:19 +0000 (UTC) (envelope-from freebsd@dwec.ru) Received: from mail.dwec.ru (mail.dwec.ru [194.84.175.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9767243D4C for ; Wed, 13 Sep 2006 06:50:14 +0000 (GMT) (envelope-from freebsd@dwec.ru) Received: from mail.dwec.ru (delivery-agent [127.0.0.200]) by mail.dwec.ru (8.13.8/8.13.1/no info ; )) with ESMTP id k8D6oCww003370 for ; Wed, 13 Sep 2006 10:50:12 +0400 (MSD) (envelope-from freebsd@dwec.ru) From: freebsd@dwec.ru Received: from oivanovmob (gw [194.84.175.30]) by mail.dwec.ru (8.13.8/8.13.1/no info ; )) with SMTP id k8D6oCh6003365 for ; Wed, 13 Sep 2006 10:50:12 +0400 (MSD) (envelope-from freebsd@dwec.ru) Message-ID: <12d701c6d700$f48904b0$6407a8c0@oivanovmob> To: Date: Wed, 13 Sep 2006 10:50:18 +0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="koi8-r"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 X-SpamTest-Version: SMTP-Filter Version 2.0.0 [0125], KAS/Release X-Spamtest-Info: Pass through X-Anti-Virus: Kaspersky Anti-Virus for MailServers 5.5.10/RELEASE, bases: 13092006 #209922, status: clean Subject: ipfw forward X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Sep 2006 06:50:19 -0000 Hello all I'm confused a bit. Here's what I have: a firewall (with address A) and a proxy host (in internal network) with address B. Both running latest FBSD 6.1-stable. Addresses are (samples) "A" -192.168.0.1 and "B" - 192.168.0.2. Both kernel are compiled with options "ipfirewall" and "ipfirewall_forward". The firewall is supposed to forward outgoing POP3 traffic (from internal LAN) to the proxy (the obviuos). The scheme: [internal lan + proxy] <---> [firewall] <---> [elsewhere] So, on the firewall I add rule "ipfw add fwd B tcp from internal_net to any 110 in recv internal_intf" On the proxy server I add rule "ipfw fwd 127.0.0.1,PROXY_PORT tcp from any to any 110". What I get: I get firewall which is trying to forward packets to default gateway (plenty of DENIES on the external interface of the firewall). Question: what am I doing wrong? PS the same configuration works perfectly on FBSD 4.11 Oleg Y. Ivanov IT Manager Daewoo Electronics Europe GmbH Moscow Representative Office