[freebsd-questions] Re: Quick+easy port redirect
Tuc at T-B-O-H.NET
ml at t-b-o-h.net
Thu Apr 10 22:09:30 UTC 2008
>
> In the last episode (Mar 28), Tuc at T-B-O-H.NET said:
> > Is there a quick/easy (cookbook?) way to do port redirects.
> > Basically I want that anything that leaves a specific interface to
> > any ip on port 80 go to 192.168.0.1 port 87.
> >
> > I'm using ipfw for some other things so it has to work and play
> > well with that.
>
> Make sure "options IPFIREWALL_FORWARD" is in your kernel config:
>
> ipfw add 500 forward 192.168.0.1 tcp from any to any 80
>
> Note that this is a routing-style forward. The source and destination
> addresses are unchanged, so you will likely need another ipfw fwd rule
> at the destination machine to capture the traffic and force-forward it
> to 127.0.0.1:87 (or wherever you want it to go). If you're planning on
> passing the traffic to squid, there's a big FAQ section with some
> alternate methods: http://wiki.squid-cache.org/SquidFaq/InterceptionProxy
>
Hi,
I tried that (Well, 192.168.0.1,87) and it seem to have any
effect, as you said that its a routing style forward. It hits my router
and that ignores it and keeps on processing normally. I really am looking
for a NAT type situation here.
I already use the InterceptionProxy wiki to get it to pass it
to Squid, thats been running great. My problem is when my primary Wireless
Broadband goes down, it needs to take satellite. When it takes satellite,
to get a Web acceleration thing going, I need to force it to the satellite
modem port 80.
SO, as clunky as it is, I used a rule that anything outbound
on tun1 (OpenVPN over the satellite) goes to 127.0.0.1,87, which rinetd
outta ports sends it to 192.168.0.1,87.
Thanks, Tuc
I ended up
More information about the freebsd-questions
mailing list