help converting iptables rule into ipfw

Dan Casey dcasey at
Mon Jan 29 17:32:47 UTC 2007

I have a quick script that takes web traffic on one internal ip, and
redirects it to another internal ip.  This is working fine in iptables. 
Can anyone show me how to recreate this in ipfw?


$eth     ="eth0:38";
$int_ip  ="";
$ext_ip  ="";

echo("Flushing NAT Tables\n");
//exec("/sbin/iptables -F");
//exec("/sbin/iptables -t nat -F");

echo("Setting up PREROUTING.--------\n");
exec("/sbin/iptables -t nat -A PREROUTING -p tcp -i $eth -d $int_ip "
   . "--dport $int_port -j DNAT --to $ext_ip:$ext_port");

echo("Setting up POSTROUTING.-------\n");
exec("/sbin/iptables -t nat -A POSTROUTING -o $eth -j MASQUERADE");

echo("Setting up FORWARD.-----------\n");
exec("/sbin/iptables -A FORWARD -p tcp -i $eth -d $ext_ip "
   . "--dport $ext_port -j ACCEPT");

echo `/sbin/iptables -t nat -L`;


More information about the freebsd-ipfw mailing list