From owner-freebsd-ipfw Mon Jan 27 7:36:45 2003 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 07CC237B401 for ; Mon, 27 Jan 2003 07:36:44 -0800 (PST) Received: from aker.amduat.net (aker.amduat.net [206.124.149.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42E5943EB2 for ; Mon, 27 Jan 2003 07:36:43 -0800 (PST) (envelope-from jbarrett@amduat.net) Received: from amduat.net (trilluser@osiris.amduat.net [10.0.0.69]) (authenticated bits=0) by aker.amduat.net (8.12.6/8.12.6) with ESMTP id h0RFaZWw059056 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Mon, 27 Jan 2003 07:36:37 -0800 (PST) (envelope-from jbarrett@amduat.net) Message-ID: <3E3551ED.5070909@amduat.net> Date: Mon, 27 Jan 2003 07:36:13 -0800 From: "Jacob S. Barrett" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: =?ISO-8859-1?Q?Erik_Paulsen_Sk=E5lerud?= Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: Redirecting all outbound traffic to internal website References: <001d01c2c5f2$b1aa22f0$0a00000a@lan.tekniker.no> In-Reply-To: <001d01c2c5f2$b1aa22f0$0a00000a@lan.tekniker.no> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This won't change the destination addess of the packet, it just forwards it to that address at which point it is dropped since it doesn't have the correct address in the destination. I think I figured it out last night, but I haven't had much time to test it. How does this look? Is there something better? # natd -a 10.129.0.1 -in_port 12345 -out_port 12346 -target_address 10.0.0.1 #ipfw add divert 12345 ip from 10.128.0.0/16 to any #ipfw add divert 12346 ip from 10.0.0.1 to 10.128.0.0/16 -Jake Erik Paulsen Skålerud wrote: > ipfw add fwd 10.1.1.1 tcp from 10.128.0.0/16 to any > > Erik. > > -----Original Message----- > From: owner-freebsd-ipfw@FreeBSD.ORG > [mailto:owner-freebsd-ipfw@FreeBSD.ORG] On Behalf Of Jacob S. Barrett > Sent: Monday, January 27, 2003 3:11 AM > To: freebsd-ipfw@FreeBSD.ORG > Subject: Redirecting all outbound traffic to internal website > > > I want to be able to redirect all outbound traffic from a particular > address range, 10.128.0.0/16, to an internal server 10.1.1.1. This way > if they try to browse to www.yahoo.com, or any other site, they really > just get my website. In know this can be done. I have done it once > before, but now I can't remember how I did it. I have spent hours > searching the archives at google with no luck. I know it is some > combination of ipfw and natd, but I can't seem to hit the right > combination. > > I want the destination IP translated to 10.1.1.1 for all ip traffic from > > 10.128.0.0/16. > > Any clues? > -- Jacob S. Barrett jbarrett@amduat.net www.amduat.net "I don't suffer from insanity, I enjoy every minute of it." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message