Date: Sun, 28 Jan 2001 19:52:58 -0800 From: "Crist J. Clark" <cjclark@reflexnet.net> To: Kal Torak <kaltorak@quake.com.au> Cc: FreeBSD-stable <freebsd-stable@FreeBSD.ORG> Subject: Re: ipfw forwarding (more info) Message-ID: <20010128195258.B91447@rfx-216-196-73-168.users.reflex> In-Reply-To: <3A74AA27.9E30C7C2@quake.com.au>; from kaltorak@quake.com.au on Mon, Jan 29, 2001 at 10:24:23AM %2B1100 References: <3A72CB47.7A5DD83@quake.com.au> <20010127220257.B28504@nevermind.kiev.ua> <3A732BE9.F559820D@quake.com.au> <3A732EFB.E7E743BA@quake.com.au> <20010127170621.M10761@rfx-216-196-73-168.users.reflex> <3A7411CF.816DA573@quake.com.au> <20010128132028.W10761@rfx-216-196-73-168.users.reflex> <3A74AA27.9E30C7C2@quake.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 29, 2001 at 10:24:23AM +1100, Kal Torak wrote: > > > Yeah using the redirect_port option in natd works, but I dont understand > > > why it doesnt work with ipfw... I thought natd might be stopping, but even > > > having the fwd rule before the divert to natd rule doesnt change anything.. > > > Dose ipfw fwd even work to remote machines? > > > > Yes, it works. No, it does not work how you want it to. The 'fwd' > > directive does exactly what it says, it forwards a packet to some > > location. What it does NOT do is change the packet in any way. That > > is, when you forward a packet to another machine, the packet arrives > > at the next machine (or next hop on the way there) with the > > destination IP address unchanged from the original packet. I doubt the > > machine you are sending this to does anything with a packet not > > addressed to it. > > Ahhh, now I see... And since the packet was addressed to the machine that > was forwarding it, it never actually went anywhere... No, it will still be forwarded (it will pe passed at layer 2) to the next hop machine... But what that box does with it (what you want it to or something else), I can't say. > I had thought the fwd rule changed the destination address on the packet > not just the next hop address... Nope it does not touch the destination address. Read ipfw(8) very, very carefully again. Could you do me a favor? I've gotten tired of answering this one so I wrote a FAQ entry. If you had ben pointed to the following FAQ item, http://www.unixfreak.org/~dima/home/freebsd/data/FAQ/networking.html#IPFW-FWD Would that have straightened you out? Any suggestions for it? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010128195258.B91447>