Yeah, that's right - it's the same way you forward GRE traffic for an internal PPTP VPN server. Check the archives for an internal PPTP VPN server - they might also be useful to you.
-----Original Message-----
From: Fu Ming [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 13:52 PM
To: [EMAIL PROTECTED]
Subject: Re: rdr with non-TCP/UDP

Here is a new twist,
 
rdr xl0 0.0.0.0/0 port 0 -> 10.0.0.1 port 0 50
 
The ipnat parser was happy with the above command. The kernel filter code seems to ignore port matching if the ports are zero.
 
Can someone who knows the kernel code well confirm for me that this does bypass the ipnat parser limitation?
 
Best Regards,
Ming
----- Original Message -----
From: Fu Ming
Sent: Thursday, February 13, 2003 4:10 PM
Subject: rdr with non-TCP/UDP

Hi,
 
Does rdr work with non-TCP/UDP protocols?
Such as
rdr xl0 0.0.0.0/0 -> 10.0.0.1 50
 
Looking through the FreeBSD 4.7 ipnat code, it looks for a port at the two positions shown below.
 
rdr xl0 0.0.0.0/0 [port1] -> 10.0.0.1 [port2]
 
If one of the ports is not present, the parse fails.
 
I want to do an IPsec inward proxy to an IPsec server on the inside of a firewall. Any better idea than redirecting protocol 50?
 
Thanks
 
============================  
   Ming Fu
   Borderware Technologies, Inc.
   http://www.borderware.com
   [EMAIL PROTECTED]
   (905)804-1855 Ext 229
