How to forward UDP packets to another port and get responses with port translation?
Yuri
yuri at rawbw.com
Mon Dec 2 22:10:06 UTC 2013
I would like to translate the port in all DNS requests, so that the
server works on a different port (e.g. 1053) on the same net and the
client works on the original port 53.
I am thinking about two approaches:
* forward packets into the server:
    ipfw add 200 fwd 192.168.10.1,1053 udp from 192.168.10.0/24 to 192.168.10.1 53
The problem with routing responses is that natd(8) doesn't allow changing
the source port, only the source address. There is an -alias_address
option but no -alias_port option.
* divert and natd(8):
    natd -port 8668 -interface tap0 -redirect_port udp 192.168.10.1:1053 53
    $IPF 200 divert natd udp from 192.168.10.0/24 to 192.168.10.1 53 via tap0 keep-state
In both cases reply packets have the source port 1053, and it isn't
clear how to make it 53.
It seems that divert only passes to natd(8) packets from one direction,
and not from the other.
Is there a way to properly translate the ports back and forth in such
simple UDP communication?
Yuri
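
The symptom described in the message above, modelled as an added example (not part of the original post, and not natd or ipfw code): a port redirector can only restore source port 53 on replies that pass back through it. `PortRedirector`, `client_accepts`, the client address 192.168.10.7 and port 40000 are hypothetical; the model assumes the client accepts a reply only from the address and port it sent the query to, as a connected UDP socket does.

```python
# Added illustration: a model of stateful UDP port redirection.
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

class PortRedirector:
    """Rewrites the destination port on requests and the source port on replies."""

    def __init__(self, server: str, public_port: int, real_port: int):
        self.server = server
        self.public_port = public_port
        self.real_port = real_port
        self.flows = set()  # (client_ip, client_port) pairs seen on the request path

    def translate(self, pkt: Packet) -> Packet:
        # Request direction: client -> server:public_port
        if pkt.dst == self.server and pkt.dport == self.public_port:
            self.flows.add((pkt.src, pkt.sport))
            return pkt._replace(dport=self.real_port)
        # Reply direction: server:real_port -> a client with a recorded flow
        if (pkt.src == self.server and pkt.sport == self.real_port
                and (pkt.dst, pkt.dport) in self.flows):
            return pkt._replace(sport=self.public_port)
        return pkt  # unrelated traffic passes unchanged

def client_accepts(request: Packet, reply: Packet) -> bool:
    """Assumption: the client matches the reply's 4-tuple against its query."""
    return (reply.src, reply.sport, reply.dst, reply.dport) == (
        request.dst, request.dport, request.src, request.sport)

def demo():
    nat = PortRedirector("192.168.10.1", 53, 1053)
    query = Packet("192.168.10.7", 40000, "192.168.10.1", 53)  # constructed sample
    to_server = nat.translate(query)
    raw_reply = Packet(to_server.dst, to_server.dport, to_server.src, to_server.sport)
    bypassed = client_accepts(query, raw_reply)  # reply skipped the translator
    translated = client_accepts(query, nat.translate(raw_reply))
    return to_server.dport, raw_reply.sport, bypassed, translated

if __name__ == "__main__":
    print(demo())
```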