Hi List,
my Problem is that ipnat will not redirect my connection.
There is no Error Message. The ipf Module is loaded:
[EMAIL PROTECTED] modinfo | grep ipf
96 fea408de 2f972 82 1 ipf (IP Filter: v4.1.8)
I followed the steps within the readme file but have no luck.
My goal is to build a interception proxy, I need the redirection feature
of ipf to do that. To test the redirection I insert the rule:
rdr elxl0 0.0.0.0/0 port 80 -> 127.0.0.1 port 22
Now I expect that a >telnet localhost 22< will result in the same as
>telnet localhost 80<, but it does not. I have read the manual/FAQ and
have searched for artikels in google, all of them simply say that it es
enough to insert such a rdr rule. But it won't work.. Your help is very
welcome.
tia,
Aleks
Sysinfo:
[EMAIL PROTECTED] uname -a
SunOS webgate 5.8 Generic_108529-27 i86pc i386 i86pc
[EMAIL PROTECTED] isainfo -vk
32-bit i386 kernel modules
[EMAIL PROTECTED] ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 2
inet 127.0.0.1 netmask ff000000
elxl0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 172.29.252.130 netmask fffffff8 broadcast 172.29.252.135
ether 0:b0:d0:2f:49:f7
[EMAIL PROTECTED] netstat -i
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis
Queue
lo0 8232 loopback localhost 27 0 27 0 0
0
elxl0 1500 172.29.252.128 webgate 607024 0 609451 0 17711
0
[EMAIL PROTECTED] netstat -s -P ip
IPv4 ipForwarding = 2 ipDefaultTTL = 255
ipInReceives =589767 ipInHdrErrors = 0
ipInAddrErrors = 0 ipInCksumErrs = 0
ipForwDatagrams = 0 ipForwProhibits = 0
ipInUnknownProtos = 0 ipInDiscards = 0
ipInDelivers =588928 ipOutRequests =604565
ipOutDiscards = 0 ipOutNoRoutes = 0
ipReasmTimeout = 60 ipReasmReqds = 0
ipReasmOKs = 0 ipReasmFails = 0
ipReasmDuplicates = 0 ipReasmPartDups = 0
ipFragOKs = 0 ipFragFails = 12
ipFragCreates = 0 ipRoutingDiscards = 0
tcpInErrs = 1 udpNoPorts = 866
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipsecInSucceeded = 0
ipsecInFailed = 0 ipInIPv6 = 0
ipOutIPv6 = 0 ipOutSwitchIPv6 = 1
[EMAIL PROTECTED] ipf -V
ipf: IP Filter: v4.1.8 (500)
Kernel: IP Filter: v4.1.8
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 1
Feature mask: 0x187
[EMAIL PROTECTED] ipfstat
bad packets: in 0 out 0
IPv6 packets: in 0 out 0
input packets: blocked 0 passed 588333 nomatch 429727 counted
0 short 0
output packets: blocked 0 passed 603133 nomatch 525571 counted 0
short 0
input packets logged: blocked 0 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0 not fragmented 0
fragment state(out): kept 0 lost 0 not fragmented 0
packet state(in): kept 0 lost 0
packet state(out): kept 0 lost 0
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 158606 (out): 77562
IN Pullups succeeded: 113 failed: 0
OUT Pullups succeeded: 0 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
IPF Ticks: 1133665
Packet log flags set: (0)
none
[EMAIL PROTECTED] ipfstat -io
empty list for ipfilter(out)
empty list for ipfilter(in)
[EMAIL PROTECTED] ipnat -slv
mapped in 0 out 0
added 0 expired 0
no memory 0 bad nat 0
inuse 0
rules 1
wilds 0
table 8047c4c list e0b07788
List of active MAP/Redirect filters:
rdr elxl0 0.0.0.0/0 port 80 -> 127.0.0.1 port 22 tcp
List of active sessions:
List of active host mappings:
[EMAIL PROTECTED]
