Date: Fri, 28 Dec 2001 13:31:07 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: "Crist J . Clark" <cjc@FreeBSD.ORG> Cc: Henry Su <henrysu@nttmcl.com>, freebsd-net@FreeBSD.ORG Subject: Re: Why is my ipfw(8) ``fwd'' rule to redirect a service to another machine not working? Message-ID: <Pine.BSF.4.21.0112281326060.94344-100000@InterJet.elischer.org> In-Reply-To: <20011227231922.N2090@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
You need to correct the FAQ.. "The correct way to ensure that this does not happen is to also add a 'fwd' rule on the destination rule, forwarding the packet to localhost. This will override the destination machine's tendancy to throw the forwarded packet back" Also, in versions of FreeBSD before 4.6, packets matched while INCOMING could only be forwarded to the local host. Outgoing packets could be forwarded to an adjoining host. This was fixed while 4.5 was cooking and appeared in releases after that. The port number is only used for forwarding to the local host. On Thu, 27 Dec 2001, Crist J . Clark wrote: > On Thu, Dec 27, 2001 at 05:42:16PM -0800, Henry Su wrote: > > > > http://www.unixguide.net/freebsd/faq/09.20.shtml > > > > Is there a way to configure your machine not drop these packets? > > I wrote that FAQ entry for people directing packets to another > machine. When you are forwarding the packets to 127.0.0.1, the local > machine, it is not an issue. The packets will be "accepted" by the > system. (But that doesn't mean the application will behave well.) > -- > "It's always funny until someone gets hurt. Then it's hilarious." > > Crist J. Clark | cjclark@alum.mit.edu > | cjclark@jhu.edu > http://people.freebsd.org/~cjc/ | cjc@freebsd.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0112281326060.94344-100000>