Redirect outbound IP traffic

[jwilk000]

Forgive me if this is a topic that has been discussed already. I tried to no avail to find a solution from Google and from various man pages. What I'm trying to do is actually quite simple, I just can't figure out how to do it. I'm trying to do simple outbound IP redirection. The FreeBSD system is the gateway for a number of machines, and I need traffic to certain addresses re-routed. Under Linux, I could simply use a DNAT target in iptables. So far I've been unsuccessful in finding something similar in IPFW/natd (which is the setup I'm currently running).

Basically I want the equivalent of the following:

iptables -t nat postrouting -a -p tcp -s [match internal network IP] -d [match destination IP] -j DNAT --to-destination [address of redirect]

 

[Alt]

Redirect or dnat?

 

[jwilk000]

I want to mangle the packet destination addresses to be routed to a new destination address different from the one that was originally encoded into the packet. I would imagine the firewall will also need to be aware of the change so that it can let two-way traffic back in. I know the iptables DNAT target is generally for accessing a NAT'ed machine from behind a public IP, but in this instance, I guess I use it backwards.

 

[aragon]

Use natd's -redirect_address parameter. All the options are documented in natd(8).