Date:      Sun, 27 Aug 2000 10:09:30 -0700
From:      Chip <chip@wiegand.org>
To:        kstewart@urx.com, "freebsd-questions@freebsd.org" <freebsd-questions@FreeBSD.ORG>
Subject:   Re: IPFW redirect rule?
Message-ID:  <39A94B4A.197F7BB6@wiegand.org>
References:  <39A8AC92.1203D118@wiegand.org> <39A8AEB7.F03138FF@urx.com> <39A8AFA4.CDC6981A@urx.com> <39A94963.CA8856E8@wiegand.org>

Could it be as simple as this? ->
00100 divert 8668 ip from 208.194.173.xx:80 to 192.168.0.7:80 via dc0
I wonder about the line number though, my rc.firewall
rules do not have line numbers, they start with /sbin/ipfw,
so do I leave those off and replace them with /sbin/ipfw
when I add the necessary line to my rules?


--
Chip W.
www.wiegand.org
Alternative Operating Systems

Chip wrote:

> Kent Stewart wrote:
>
> > Kent Stewart wrote:
> > >
> > > Chip wrote:
> > > >
> > > >  I am setting up a machine as a firewall and am starting by
> > > > using the default ipfw rc.firewall rules and am following
> > > > the instructions in the Complete FreeBSD book by Greg
> > > > Lehey.  I want to add a redirect rule to allow access to my
> > > > web server on another machine. I am not sure if I use rdr
> > > > or divert, maybe I am confusing ipfw and ipfilter stuff.
> > > > I haven't found an answer on the FreeBSD Diary or in
> > > > the archives. My kernel is reconfigured as directed in the
> > > > book, everything else is set up as per the instructions.
> > > > My firewall machine has two nics, one with the public
> > > > ip address, 208.194.173.xx, the other with a private ip
> > > > address, part of my home network. My web server also
> > > > has a private ip address, part of my home network,
> > > > 192.168.0.x. I'm sure this is probably no problem, I
> > > > just haven't found the answer anywhere.
> > >
> > > I had the same experience. I found the example at
> > > http://www.mostgraveconcern.com/freebsd/ for the "Dual homed setup"
> > > worked out of the box.
> >
> > I forgot something. The latest rc.firewall has a divert located at the
> > top of "Simple". I modified my addition of the "Dual Homed setup" to
> > look like that for the non-routeable networks.
> >
> > That eliminates the "in" and "out" sections for those networks.
> >
>
> That works if the web server is on the same box as the firewall,
> in my case it is not. My web server and firewall boxes are two
> separate machines, firewall ip addresses are:
> 208.194.173.xx and 192.168.0.1
> and the ip address of the web server is:
> 192.168.0.7
> so the rule needs to redirect 208.194.173.xx:80 to 192.168.0.7:80
> This is where I haven't found the correct way to write
> the rule.
>
> --
> Chip W.
> www.wiegand.org
> Alternative Operating Systems
>
> >
> > Kent
> >
> > --
> > Kent Stewart
> > Richland, WA
> >
>
> How are things in the Tri-Cities these days? I am a native
> of Kennewick. Now living in *ugh* the Seattle area. In
> Mountlake Terrace, near Edmonds and Lynnwood.
>
> >
> > mailto:kbstew99@hotmail.com
> > http://kstewart.urx.com/kstewart/index.html
> > FreeBSD News http://daily.daemonnews.org/
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message




