Transparent UDP redirection
Nick Rogness
nick at rogness.net
Fri May 2 13:28:29 PDT 2003
On Fri, 2 May 2003, Bill Moran wrote:
> Jonathan wrote:
> > Hi all,
> >
> > I'm trying to temporarily move a radius server from one box to another.
> > The only problem at the moment is that I tried using portfwd to divert
> > traffic between the boxes, but it doesn't support transparent proxies
> > under FreeBSD, so the source address isn't showing up correctly.
> >
> > Can anyone suggest a port/package that has this feature? I think
> > ipfw/ipfilter is overkill for this, but I've been wrong before :)
>
> Should be able to make natd use -redirect_port to accomplish this (in
> base system) Doesn't RADIUS have redirect functions built into the
> protocol that you could use? (not sure, it's been a while)
Most common radius servers support proxy forwarding to another
radius server. This is usually a better solution :-)
If you want to forward on a lower layer, just use:
# ipfw add divert natd ip from any to any via $INT
# natd -redirect_port udp $NEW_IP:1645 $OLD_IP:1645 -redirect_port
udp $NEW_IP:1646 $OLD_IP:1646 -n $INT
Or the equivalent ipfilter map commands.
Nick Rogness <nick at rogness.net>
-
How many people here have telekenetic powers? Raise my hand.
-Emo Philips
More information about the freebsd-questions
mailing list