On Nov 28, 2007 4:21 PM, Sam Wun <[EMAIL PROTECTED]> wrote: > On Nov 28, 2007 5:12 PM, Sepherosa Ziehau <[EMAIL PROTECTED]> wrote: > > On Nov 28, 2007 12:18 PM, Sam Wun <[EMAIL PROTECTED]> wrote: > > > I have read the manpages and freebsd handbook more than 20 tiems. > > > > Oh? Then I think you must have read this in ipfw manpage: > > ... > > The fwd action does not change the contents of the packet at all. In > > particular, the destination address remains unmodified, so packets > > forwarded to another system will usually be rejected by that system > > unless there is a matching rule on that system to capture them. > > ... > > > OK, I mis-read that. is that mean I need to implement a rule in the > internal web server?
IMHO, what you need is a divert rule and natd on 6, or try 7's ipfw with the in-kernel NAT. Best Regards, sephe > I t hink I just need to install rinet in this freebsd router for the > port forwarding. > > Thanks > > > > Best Regards, > > sephe > > > > > > > > > > > > > > > > On Nov 28, 2007 2:40 PM, Sepherosa Ziehau <[EMAIL PROTECTED]> wrote: > > > > On Nov 28, 2007 10:03 AM, Sam Wun <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > > > > > > > > I setup the following ipfw rules in freebsd 6.2: > > > > > belmore# ipfw list > > > > > 00001 allow udp from any to any dst-port 500 > > > > > 00001 allow esp from any to any > > > > > 00001 allow esp from any to any > > > > > 00001 allow ipencap from any to any > > > > > 00001 allow ipencap from any to any > > > > > 00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in > > > > > > > > I don't think this does the rdr you intended. Please take a look at > > > > ipfw manpage. > > > > > > > > Best Regards, > > > > sephe > > > > > > > > > I don't know what is wrong that the freebsd server (6.2) can't > > > > > redirect/forward http request to an internal server (web server - > > > > > 192.168.1.222). > > > > > > > > > > Can anyone please give suggestion to modify this rules? > > > > > Or can you please post your workable ipfw rules that achieved the > > > > > same goal? > > > > > > > > > > Thanks > > > > > S > > > > > _______________________________________________ > > > > > [email protected] mailing list > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > > > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > > > > > > > > > > > > > > > > > > -- > > > > Live Free or Die > > > > _______________________________________________ > > > > [email protected] mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > > > > > > > > > > > > -- > > Live Free or Die > > > -- Live Free or Die _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"
