Date: Wed, 28 Nov 2007 13:03:29 +1100 From: "Sam Wun" <swun2010@gmail.com> To: freebsd-ipfw@freebsd.org Subject: ipfw forwarding doesn't work - for more than 2 months. --- please help Message-ID: <736c47cb0711271803o46dd89d8te49d5969fd358d15@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I setup the following ipfw rules in freebsd 6.2: belmore# ipfw list 00001 allow udp from any to any dst-port 500 00001 allow esp from any to any 00001 allow esp from any to any 00001 allow ipencap from any to any 00001 allow ipencap from any to any 00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in 00040 allow tcp from any to 220.233.24.213 dst-port 80 in 00041 allow tcp from 192.168.1.222 to any out 00050 divert 8668 ip4 from any to any via tun0 00100 allow ip from any to any via lo0 00150 allow ip from any to any via rl1 00200 deny ip from any to 127.0.0.0/8 00250 allow ip from any to any via lo0 00300 deny ip from 127.0.0.0/8 to any 00350 allow ip from any to any via gif* keep-state 00450 allow udp from any to any dst-port 53 in keep-state 00550 allow tcp from any to any dst-port 22 in keep-state 00650 allow udp from any to any dst-port 1080-60000 in setup keep-state 00750 allow tcp from any to any dst-port 1080-60000 in keep-state 00850 allow tcp from any to 220.233.24.213 dst-port 80 in via tun0 setup keep-state 00950 allow tcp from 220.233.24.213 to any out via tun0 setup keep-state 01050 allow tcp from any to any out keep-state 65000 allow ip from any to any 65535 allow ip from any to any I don't know what is wrong that the freebsd server (6.2) can't redirect/forward http request to an internal server (web server - 192.168.1.222). Can anyone please give suggestion to modify this rules? Or can you please post your workable ipfw rules that achieved the same goal? Thanks S
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?736c47cb0711271803o46dd89d8te49d5969fd358d15>