divert with ipnat instead of ipfw?
Norberto Meijome
freebsd at meijome.net
Thu May 13 18:44:05 PDT 2004
Hi all,
My setup:
--
FreeBSD hostname 4.10-PRERELEASE FreeBSD 4.10-PRERELEASE #2: Wed Apr 28 09:40:43 EST 2004
fxp0 : link to the outside world
fxp1 : link to LAN
fxp2 : link to DMZ
ipf firewall
ipnat for LAN and rdr for services.
--
I'm running tcpmssd to fix MSS:
/usr/local/bin/tcpmssd -p 1000 -i fxp2
and I have the ipfw line that redirects all the traffic from fxp2 into
tcpmssd:
ipfw add divert 1000 tcp from x.x.x.x/y to any out via fxp0 setup
(where x.x.x.x/y is the subnet behind fxp2).
This works fine, but I was wondering how to do this with ipnat's rdr
configuration line (I'd rather keep ipfw for bwlimiting). I haven't managed
to figure out how to redirect ALL traffic from fxp2 to that port. I can
do it on a port-by-port basis, but I need all traffic to go through it.
I tried:
rdr fxp2 0.0.0.0/0 port 0-65535 -> 127.0.0.1 port 1000
but tcpmssd with -v showed no made.
ipfw is not used for anything else right now.
Any hints?
Thanks!!
Beto