Adrenalin\’s Blog

mai 19, 2007

(answer) Why my redirect_port redirect doesn’t work, not working ? Natd freebsd ipfw

Filed under: Unix — Adrenalin @ 23:28

Asta a fost saptamana cind o trebuit sa devin cul admin4eg si normal ca am calcat in toti skinii din zona %) Dupa traditie nimic din prima nu s-a primit.. ;o) Azi am mai stat vreo 5 ore la ceva care acum imi pare destul de evident ;]
cat ~/.bash_history | grep „sh /etc/rc.firewall” | wc -l
%) 47 de reloaduri la reguli..

Answer to the question:
After the packet was sucked into the divert, with smth. like

ipfw add divert natd all from any to any in $eif

You must allow redirection to the target, local ip, with

ipfw add allow tcp from any to _your_local_address_here _port_ keep-state

For redirect_port tcp 8080 we will have

ipfw add allow tcp from any to 80 keep-state

And yes, ipfw add allow tcp from any to me 8080 keep-state will not do anything useful because the packet seem to be accepted by natd (divert natd all from any.. my first quote) what allow the incoming 8080 connections, you need just to allow connection to the target local address..

Hope this will help.

Thanks to the jya who have helped mmx with exactly the same problem as at me %) here and here


Un comentariu »

  1. fignea tăt asta…

    Comentariu de polonyk — mai 20, 2007 @ 20:36

RSS feed for comments on this post. TrackBack URI

Lasă un răspuns

Completează mai jos detaliile tale sau dă clic pe un icon pentru a te autentifica:


Comentezi folosind contul tău Dezautentificare /  Schimbă )

Fotografie Google+

Comentezi folosind contul tău Google+. Dezautentificare /  Schimbă )

Poză Twitter

Comentezi folosind contul tău Twitter. Dezautentificare /  Schimbă )

Fotografie Facebook

Comentezi folosind contul tău Facebook. Dezautentificare /  Schimbă )


Conectare la %s

Blog la

%d blogeri au apreciat asta: