Date: Thu, 14 Dec 2000 13:42:57 -0500 (EST) From: "Nathan Vidican" <webmaster@wmptl.com> To: Alwyn Goodloe <agoodloe@gradient.cis.upenn.edu> Cc: questions@freebsd.org Subject: Re: Firewall question Message-ID: <200012141842.NAA49633@mail2.wmptl.com>
next in thread | raw e-mail | index | archive | help
> Guys, > > > First I would like to thank everyone who responded to last weeks > question. > > This time around my question is a little more detailed (as I managed > to learn more :-) ). I was going to filter on a particular condition > and divert those packets to a divert socket where some processing was > to take place and if the proper conditions are met we would send the > little guys on their way. But as I read the code the packet is basically > gone from the routing software at that point. Any idea how to send the > packets on their way once I've diverted them. I know this may be an easy > question to those who do this sort of thing alot. As a last resort I was just > going to hack the ip_fw_chk() fn (in ip_fw.c). Of course I don't like > hacking systems internals if there is an easy way around it. > > > Thanks for your help. > > > Alwyn Goodloe > agoodloe@gradient.cis.upenn.edu > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > > You're probably going to need to use NATD (Network Address Translation) for that. I don't know the paticulars of your setup, but NAT will allow you to divert traffic from one port on one IP address, to another port on another address, (wheather it be another 'real' ip, or a private one). Basically it'll go something like this: xxx.xxx.xxx.xxx:xx (outside IP address) --> yyy.yyy.yyy.yyy:yy (second address) You need to utilize NATD, so as to allow the second machine to send back through the first. As I see it, this is essentially what you're trying to accomplish no? -- Nathan Vidican webmaster@wmptl.com Windsor Match Plate & Tool Ltd. http://www.wmptl.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012141842.NAA49633>