Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 03 Aug 2007 13:20:38 -0700
From:      Julian Elischer <>
To:        Rudy Setiawan <>
Subject:   Re: redirect traffic based on destination port to another interface
Message-ID:  <>
In-Reply-To: <>
References:  <>	<> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Rudy Setiawan wrote:
> On 8/2/07, Julian Elischer <> wrote:
>> Rudy Setiawan wrote:
>>> Hi,
>>> I am trying to do a traffic redirection based on destination port to
>>> another interface/gateway.
>>> Currently, I have a freebsd box that does simple NAT and an Internet connection.
>>> I am planning to install another internet connection and use the same
>>> box to do some traffic redirection.
>>> INTERNET1 -------- freebsd box ------- INTERNET2
>>>                                  |
>>>                                  |
>>>                        Local Area Network
>>> LAN = with interface em0
>>> INTERNET1-GW = x.x.x.1 with em1
>>> INTERNET2-GW = y.y.y.1 with rl0
>>> My goal is to redirect any ssh traffic to INTERNET2-GW and I assume
>>> that if it can be redirected through INTERNET2-GW then the packets
>>> return will go through INTERNET2-GW also.
>> no, unless you first NAT the packets with the address of that interface.
>> (otherwise the packets will come back through your primary network).
>> if yo have cheep dlink or linksys or whatever DSL routers or whatever with NAT
>> on them then you can use that successfully and just use ipfw 'fwd' rules to select the interface to use.
> I see, hmm are you suggesting that the linksys should be placed
> between the freebsd firewall and the internet? Then do a ipfw fwd
> rules to in freebsd to select which interface to go and linksys will
> do all the NAT-ing for those packets respectiveily right?


> Thank you.
> Regards,
> Rudy

Want to link to this message? Use this URL: <>