Date: Mon, 29 Jul 2002 19:43:31 +0000 From: Philip Reynolds <philip.reynolds@rfc-networks.ie> To: freebsd-ipfw@freebsd.org Subject: Re: divert a port to another ip Message-ID: <20020729194331.A14733@rfc-networks.ie> In-Reply-To: <3D45740A.2000704@devzerog.com>; from m@devzerog.com on Mon, Jul 29, 2002 at 05:57:46PM %2B0100 References: <3D45740A.2000704@devzerog.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Mike, Mike Dewhirst <m@devzerog.com> 25 lines of wisdom included: > Hi, > > If I want to divert all requests on a certain port to another ip address > and another port, e.g. > > 80.0.0.123:666 --> 192.10.10.5:22 > > what would be the rule? I thought: > > divert 8668 tcp from any 666 to 192.10.10.5 22 via xl0 Divert 8668 is using NAT (Network Address Translation). Do you actually want to forward all requests to another IP and port or do you want to do NAT? If you're looking to blindly forward, look at the ``fwd'' part of ipfw(8) (man 8 ipfw) For this, on 4.6-RELEASE anyways, it expects that options IPFIREWALL_FORWARD is in your kernel. If it's not you're going to have to do a kernel recompile. http://tardis.redbrick.dcu.ie/87 > 8668 is the natd port (I think) - I have this rule that works: > divert 8668 ip from any to any via xl1 > > But it doesn't seem to work. Any ideas? > > Also, what is a good online resource for ipfw? http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO -- Philip Reynolds | Technical Director philip.reynolds@rfc-networks.ie | RFC Networks Ltd. http://www.rfc-networks.ie | +353 (0)1 8832063 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020729194331.A14733>