ipfw and divert and trying to do something clever
Bruce Campbell
bruce at engmail.uwaterloo.ca
Mon Oct 6 06:10:25 PDT 2003
I have some machines behind a FreeBSD firewall, and I'm using ipfw.
Presently, I reset attempts to smtp past the firewall:

    reset tcp from [subnet] to any 25

but I'd like to divert them to my own smtp server, so it doesn't
matter what the clients try to use.

I thought this would be easy. Maybe it is.

The "fwd" feature doesn't seem to do it, as it just forwards a
specific ipaddr[,port] (no subnet/mask).

"divert" looks like the way to do it, and after a few hours of
fiddling with a program that opens a divert socket, I can watch
all manner of traffic going back and forth, but each time
I attempt to send it elsewhere, I get nowhere. I am duly
setting both the ip and tcp checksum, before re-injection.

Somebody else must have done this, and/or I must be doing it
the wrong way.

Any suggestions? Please e-mail me directly also as I am
not on this list. A code snippet using divert would
be excellent.

--
Bruce Campbell
Engineering Computing
CPH-2374B
University of Waterloo
(519)888-4567 ext 5889
----------------------------------------
This mail sent through www.mywaterloo.ca
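
The two checksums the post mentions, as an added example (not code from the post or from FreeBSD): a C routine that changes the destination address of an IPv4/TCP packet such as one read from a divert socket, then recomputes the IP header checksum and the TCP checksum, which also covers a pseudo-header containing both addresses. The function names and the sample packet (documentation addresses) are constructed for illustration; divert socket handling and the matching rewrite of the source address on reply packets are assumed to happen elsewhere.

```c
#include <stdint.h>
#include <string.h>

/* RFC 1071 one's-complement sum of big-endian 16-bit words. */
static uint32_t csum_add(uint32_t sum, const uint8_t *p, size_t len)
{
    for (; len > 1; p += 2, len -= 2)
        sum += (uint32_t)p[0] << 8 | p[1];
    if (len) sum += (uint32_t)p[0] << 8;     /* odd trailing byte, zero-padded */
    return sum;
}

static uint16_t csum_fold(uint32_t sum)
{
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Constructed sample: SYN from 192.0.2.10:49152 to 198.51.100.25:25,
 * both checksum fields left zero. */
static const uint8_t sample_syn[40] = {
    0x45,0x00,0x00,0x28, 0x00,0x01,0x40,0x00, 0x40,0x06,0x00,0x00,
    0xc0,0x00,0x02,0x0a, 0xc6,0x33,0x64,0x19,
    0xc0,0x00,0x00,0x19, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00,
    0x50,0x02,0xff,0xff, 0x00,0x00,0x00,0x00 };

/* Point an unfragmented IPv4/TCP packet at new_dst (4 bytes, network order)
 * and recompute both checksums. Returns 0, or -1 if the buffer is not one. */
int rewrite_dst(uint8_t *pkt, size_t len, const uint8_t new_dst[4])
{
    if (len < 20 || pkt[0] >> 4 != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t tot = (size_t)pkt[2] << 8 | pkt[3];
    if (ihl < 20 || tot > len || tot < ihl + 20 || pkt[9] != 6) return -1;
    if ((pkt[6] & 0x3f) || pkt[7]) return -1;   /* fragment: no full TCP segment */
    uint8_t *tcp = pkt + ihl;
    size_t tlen = tot - ihl;
    memcpy(pkt + 16, new_dst, 4);
    pkt[10] = pkt[11] = 0;                      /* IP checksum: header only */
    uint16_t c = csum_fold(csum_add(0, pkt, ihl));
    pkt[10] = c >> 8; pkt[11] = c & 0xff;
    tcp[16] = tcp[17] = 0;
    /* TCP checksum also covers a pseudo-header: src, dst, protocol 6, TCP length */
    uint32_t sum = csum_add(0, pkt + 12, 8) + 6 + (uint32_t)tlen;
    c = csum_fold(csum_add(sum, tcp, tlen));
    tcp[16] = c >> 8; tcp[17] = c & 0xff;
    return 0;
}
```

Summing a region together with its stored checksum folds to zero, which gives a quick self-check on a rewritten packet before it is written back to the socket.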