John Hay wrote:
On Mon, Oct 20, 2008 at 11:19:22PM +0200, Leander S. wrote:
Hi,

I'm trying to set up something like a HotSpot. The goal is to force unregistered users to get redirected to the Captive Portal site where they'll be able to agree to my licence terms and get some information ... etc. ...

So the fact is I need an IPFW rule which forwards Port 80,443,8080 traffic to another port, i.e. 8080 --> where my Apache will already be waiting to serve the Captive Portal site back to the request.

So I did read the man and saw something like the fwd rule and the Kernel Option for it - so I added the option - recompiled the Kernel and gave my Firewall the following fwd rule in an extra script:

${fwcmd} add 01100 fwd ${LAN_IP},8080 tcp from ${LAN} to any 80,443,8080 in via ${LAN_if}
Try to make the rule stateful, e.g. add 'setup keep-state'. Also add some logging in the rule
and add, as the last one, an additional deny with logging.
You have to catch it where it is going out and not in. Fwd only works
when packets are outbound.
But how does this work for me?

ipfw fwd 192.168.0.4,3128 log logamount 1000 tcp from 172.22.4.0/24 to 172.22.4.254 dst-port 3128 setup in via vr0 keep-state

rik
John

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
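
The suggestions quoted in the thread ('setup keep-state', logging on the fwd rule, a final deny with logging) applied to the original rule, as an added example that is not part of any poster's message. The addresses, interface name, rule numbers 01000/65000 and the logamount value are constructed placeholders, and fwcmd defaults to echo so the script only prints the commands.

```sh
#!/bin/sh
# Added example: dry-run builder for the captive-portal rules discussed
# in the thread. All values below are constructed placeholders.
LAN_IP="${LAN_IP:-192.0.2.1}"      # address Apache listens on (assumed)
LAN="${LAN:-192.0.2.0/24}"         # client network (assumed)
LAN_if="${LAN_if:-em1}"            # LAN-facing interface (assumed)

# Print the commands by default; set fwcmd="/sbin/ipfw -q" to apply them.
fwcmd="${fwcmd:-echo ipfw}"

portal_rules() {
    # Packets of a flow that already has a dynamic rule get the action of
    # the rule that created it, so later segments follow the same fwd.
    ${fwcmd} add 01000 check-state

    # The original fwd rule with logging and 'setup keep-state' added:
    # only the initial SYN matches here and creates the dynamic rule.
    ${fwcmd} add 01100 fwd "${LAN_IP},8080" log logamount 100 \
        tcp from "${LAN}" to any 80,443,8080 in via "${LAN_if}" \
        setup keep-state

    # Final deny with logging, so traffic the earlier rules did not
    # match shows up in the log instead of vanishing silently.
    ${fwcmd} add 65000 deny log logamount 100 ip from any to any
}

portal_rules
```

With logging on both the fwd rule and the final deny, the log shows whether the redirected SYN hit rule 01100 or fell through to the deny.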
