ipfw & natd
Jose Hidalgo Herrera
jose at hostarica.com
Mon Sep 20 14:52:23 PDT 2004
You are right, but Tomas is too!
What is missing here is:
# sysctl -w net.inet.ip.fw.one_pass=1
Use the divert first; with one_pass=1 the packet will
be reinjected and your fwd rule will work just fine.
--- this will do
sysctl -w net.inet.ip.fw.one_pass=1
natd -p 8668 -interface rl0
natd -p 8669 -interface rl1
ipfw add 1000 divert 8668 all from any to any via rl0
ipfw add 2000 divert 8669 all from any to any via rl1
ipfw add 2010 fwd 5.6.7.8 tcp from 10.0.0.0/24 to any 80 out recv ed0
---
--
Jose Hidalgo
PGP: 15524480
jose at hostarica.com
http://www.hostarica.com