Re: ipfw + nat

2006-06-08 Thread Chuck Swiger
mufalani wrote: Hi all, I have a webserver runing apache 2.3 under windows 2003, and one BSD 5.4 (gateway). How to redirect requisitions at 80´s port (200.X.X.X:80) to address (192.x.x.x:80) with nat and ipfw? echo "redirect_port tcp 192.x.x.x:80 80" >> /etc/natd.conf See "man nat

Re: ipfw + nat

2006-06-08 Thread Andrey V. Elsukov
mufalani wrote: How to redirect requisitions at 80?s port (200.X.X.X:80) > to address (192.x.x.x:80) with nat and ipfw? You can try following: # natd -alias_address 200.X.X.X -redirect_port tcp 192.x.x.x:80 80 # ipfw add divert natd tcp from any to 200.X.X.X in recv $ExtIf # ipfw add divert nat

Re: ipfw + nat

2006-06-08 Thread Henrik Andersen
Hi Mufalani, http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html and in particular the part 26.6.5.7 should explain how to accomplish this. Regards, Henrik On 6/8/06, mufalani <[EMAIL PROTECTED]> wrote: Hi all, I have a webserver runing apache 2.3 under window

Re: ipfw + nat

2006-06-08 Thread Erik
> Hi all, > > I have a webserver runing apache 2.3 under windows 2003, and one BSD 5.4 > (gateway). > > How to redirect requisitions at 80´s port (200.X.X.X:80) to address > (192.x.x.x:80) with nat and ipfw? > Pretty simple if you are using natd. In /etc/rc.conf: ### Firewall Settings #

Re: ipfw + nat

2006-06-08 Thread Nick Withers
On Wed, 7 Jun 2006 20:17:07 -0300 "mufalani" <[EMAIL PROTECTED]> wrote: > Hi all, > > I have a webserver runing apache 2.3 under windows 2003, and one BSD 5.4 > (gateway). > > How to redirect requisitions at 80´s port (200.X.X.X:80) to address > (192.x.x.x:80) with nat and ipfw? Assu

Unknown Extension Header(103)

2006-06-08 Thread John Hay
Hi, I have tried to upgrade our firewall/router from 5.3 to 6.1-stable and ran into these messages: IPFW2: IPV6 - Unknown Extension Header(103), ext_hd=0 There were so many that the machine got stuck. It turns out that ipfw did not like the pim multicast packets on ipv6. I think I have fixed the

(no subject)

2006-06-08 Thread Fernando Patzlaff
___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: bin/97194: [patch] [ipfw] ipfw does not correctly list dynamic IPv6 rules

2006-06-08 Thread Oleg Bulyzhin
Synopsis: [patch] [ipfw] ipfw does not correctly list dynamic IPv6 rules State-Changed-From-To: open->closed State-Changed-By: oleg State-Changed-When: Thu Jun 8 17:20:44 UTC 2006 State-Changed-Why: Closed in favour of bin/98349 http://www.freebsd.org/cgi/query-pr.cgi?pr=97194 _

Re: kern/98184: [ipfw] ipfw add pass 224.0.0.0/4 multicast rule prevents natd forwarding for dynamic rules

2006-06-08 Thread Oleg Bulyzhin
Synopsis: [ipfw] ipfw add pass 224.0.0.0/4 multicast rule prevents natd forwarding for dynamic rules Responsible-Changed-From-To: freebsd-ipfw->oleg Responsible-Changed-By: oleg Responsible-Changed-When: Thu Jun 8 20:45:05 UTC 2006 Responsible-Changed-Why: take over. http://www.freebsd.org/cgi