ipfw forwarding doesn't work - for more than 2 months. --- please help

Sam Wun swun2010 at gmail.com
Tue Nov 27 18:29:07 PST 2007


Hi,

I set up the following ipfw rules in FreeBSD 6.2:
belmore# ipfw list
00001 allow udp from any to any dst-port 500
00001 allow esp from any to any
00001 allow esp from any to any
00001 allow ipencap from any to any
00001 allow ipencap from any to any
00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in
00040 allow tcp from any to 220.233.24.213 dst-port 80 in
00041 allow tcp from 192.168.1.222 to any out
00050 divert 8668 ip4 from any to any via tun0
00100 allow ip from any to any via lo0
00150 allow ip from any to any via rl1
00200 deny ip from any to 127.0.0.0/8
00250 allow ip from any to any via lo0
00300 deny ip from 127.0.0.0/8 to any
00350 allow ip from any to any via gif* keep-state
00450 allow udp from any to any dst-port 53 in keep-state
00550 allow tcp from any to any dst-port 22 in keep-state
00650 allow udp from any to any dst-port 1080-60000 in setup keep-state
00750 allow tcp from any to any dst-port 1080-60000 in keep-state
00850 allow tcp from any to 220.233.24.213 dst-port 80 in via tun0 setup keep-state
00950 allow tcp from 220.233.24.213 to any out via tun0 setup keep-state
01050 allow tcp from any to any out keep-state
65000 allow ip from any to any
65535 allow ip from any to any

I don't know what is wrong: the FreeBSD server (6.2) can't
redirect/forward HTTP requests to an internal server (web server -
192.168.1.222).

Can anyone please give a suggestion to modify these rules?
Or can you please post your workable ipfw rules that achieved the same goal?

Thanks
S
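
As an added example (not part of the original post), a simplified first-match trace over the head of the posted ruleset shows which rule acts on an inbound request to port 80. The packet values and the reading of tun0 as the external interface are assumptions, and setup/keep-state handling is ignored.

```python
import ipaddress

# Head of the ruleset, copied from the post (rules 00001 through 00050).
LISTING = """\
00001 allow udp from any to any dst-port 500
00001 allow esp from any to any
00001 allow esp from any to any
00001 allow ipencap from any to any
00001 allow ipencap from any to any
00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in
00040 allow tcp from any to 220.233.24.213 dst-port 80 in
00041 allow tcp from 192.168.1.222 to any out
00050 divert 8668 ip4 from any to any via tun0
"""

def parse(listing):
    rules = []
    for line in listing.strip().splitlines():
        t = line.split()
        n = 3 if t[1] in ("fwd", "divert") else 2  # these actions take an argument
        proto, _, src, _, dst, *opts = t[n:]
        rules.append(dict(num=t[0], action=t[1], proto=proto, src=src, dst=dst, opts=opts))
    return rules

def addr_ok(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def matches(r, p):  # simplified matcher: ignores setup/keep-state and dynamic rules
    o = r["opts"]
    if r["proto"] not in ("ip", "ip4", p["proto"]):
        return False
    if not (addr_ok(r["src"], p["src"]) and addr_ok(r["dst"], p["dst"])):
        return False
    if "dst-port" in o:
        lo, _, hi = o[o.index("dst-port") + 1].partition("-")
        if not int(lo) <= p["dport"] <= int(hi or lo):
            return False
    if ("in" in o or "out" in o) and p["dir"] not in o:
        return False
    return "via" not in o or o[o.index("via") + 1] == p["iface"]

def trace(rules, p):  # every rule the packet matches, in order; the first one acts
    return [(r["num"], r["action"]) for r in rules if matches(r, p)]

# Constructed packet: outside client (TEST-NET address) to port 80, in on tun0 (assumed external).
PKT = dict(proto="tcp", src="203.0.113.9", dst="220.233.24.213", dport=80, dir="in", iface="tun0")
print(trace(parse(LISTING), PKT))
```

The trace puts the fwd rule 00020 ahead of the divert at 00050, so the request leaves the rule search before it reaches the divert socket. ipfw(8) states that fwd does not change the packet, so its destination address is still 220.233.24.213 when it is handed to 192.168.1.222.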

