IPFW redirect to another port?
Karl Denninger
karl at denninger.net
Tue Jun 18 17:56:12 UTC 2019
On 6/18/2019 11:50 AM, John Levine wrote:
> I would like to use ipfw to redirect incoming port 53 requests from a
> few IP addresses to a different port, so I can use a custom DNS server
> to answer them. I can figure out how to redirect their traffic to,
> say, port 5553, but the responses come from 5553 which of course
> doesn't work.
>
> Any suggestions about how to adjust the port numbers going both ways? It's
> fine if they screw up other traffic to those IPs. TIA.
The easiest way to do this is likely with an in-kernel NAT entry with a
"redirect_port" stanza; that will "twist" packets going in both
directions. The most-common use for this is to take something on the
external interface (e.g. 1.2.3.4:8080) and direct it at an internal host
on port 80 (e.g. 10.1.1.1:80); the "redirect_port" stanza allows for
both TCP and UDP redirection with both sides being translated.
--
-- Karl Denninger
/The Market-Ticker/
S/MIME Email accepted and preferred
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4897 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20190618/1e0d5793/attachment.bin>
More information about the freebsd-questions
mailing list