IPFW Redirect

vpeleh · Nov 17, 2008

Hi
Somebody know? can ipfw do redirect packet
(Something like to PF
rdr on ! $ext_if proto tcp from <blocked_user> to any port 80 -> 192168.192.168 port 8080
)

ipfw nat do not work in this way, it only redirect packet that destination to local router...

If somebody know how do that, pleae help
Thanks

raVen · Nov 17, 2008

ipfw fwd?

vpeleh · Nov 17, 2008

ipfw fwd only forward packet to destination(it do not change destination field in packet)

aragon · Nov 18, 2008

I'm thinking you need to use natd and one of its -redirect_* parameters. Then use ipfw divert to divert the relevant traffic through natd.

aragon · Nov 18, 2008

Something like this:

Code:

natd -redirect_port tcp 192.168.192.168:8080

Code:

ipfw add 100 divert natd tcp from blocked_user to any 80 in

vpeleh · Nov 19, 2008

Thanks
I will try

jleal2003 · Dec 9, 2008

You can also use a port redirector like rinetd , it is a very useful tool!! try and let us know what happen!

r-c-e · Dec 12, 2008

jleal2003 said:
You can also use a port redirector like rinetd , it is a very useful tool!! try and let us know what happen!

I use rinetd a lot when migrating sites from one server to another and love it, easy to setup and can take a beating.

komeylian · Dec 21, 2008

hi, vpeleh

as well as you want in above

(Something like to PF rdr on ! $ext_if proto tcp from <blocked_user> to any port 80 -> 192168.192.168 port 8080)

you should follow bellow :

1) load ipfw module

# kldload ipfw.ko

2) check it by

# kldstat

3)

# ipfw add allow ip from any to any

4)

# ipfw add fwd 192.168.192.168:8080 tcp from <blocked_user> to any 80

5) for check it use

# ipfw show

have fun.

mlevel · Mar 3, 2011

This rule doesn`t change destination IP-address in TCP-packet!