"You mention you are using Solaris - Don't expect a redirect to ever make it to localhost, it doesn't work."
-Does this mean that there is not a solution to my problem? I have only two interfaces on the machine: bge0 and lo0 (loopback). I need an external machine connecting to port 80 to be redirected to port 8080 on the machine running the webserver and ipfilter. Thanks, Brad Mann Software Engineer - Information Access Services HARRIS Corporation / GCSD (321) 984-6292 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Moore Sent: Tuesday, August 08, 2006 10:22 AM To: [email protected] Subject: Re: Easy port forwarding question Mann, Bradley wrote: > The webserver is also listening on localhost:8080 as far as I know. If I > open a browser and navigate to http://localhost:8080 on the server > machine, I am able to access my web page. However, these rules appear to > have no affect: > > rdr bge0 0.0.0.0/0 port 80 -> 0.0.0.0 port 8080 > rdr bge0 0.0.0.0/0 port 443 -> 0.0.0.0 port 8443 > > Can you see any reason why these shouldn't work? > You mention you are using Solaris - Don't expect a redirect to ever make it to localhost, it doesn't work. That aside, why do you define the destination address as 0.0.0.0 - surely that is going to fail. I would suggest you remove ipf rules from the equation by not loading them or at least not defining any and only having ipnat rules. The following works for me on an OpenBSD 3.3 system with IP Filter 3.4.35 installed. rdr sis0 0/0 port 80 -> 192.168.54.9 port 8080 where sis0 is my internal interface and 192.168.54.9 is the address of sis0. httpd is only listening on port 8080 and it works - see trimmed output from ipnat -l. bash-2.05b# ipnat -l |grep 80 ; netstat -anf inet | grep 80 rdr sis0 0.0.0.0/0 port 80 -> 192.168.54.9 port 8080 tcp RDR 192.168.54.9 8080 <- -> 192.168.54.9 80 [192.168.54.114 2766] RDR 192.168.54.9 8080 <- -> 192.168.54.9 80 [192.168.54.114 2765] tcp 0 0 192.168.54.9.8080 192.168.54.114.2766 ESTABLISHED tcp 0 0 192.168.54.9.8080 192.168.54.114.2765 ESTABLISHED tcp 0 0 *.8080 *.* LISTEN Have you verified with a browser that http://<ip-address of bge0>:8080 works? Larry.
