[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: IPFilter and P3Scan
From:       horio shoichi <bugsgrief () bugsgrief ! net>
Date:       2004-04-28 2:29:55
Message-ID: 20040428.090651.4b624a61bdb5c558.10.0.3.20 () bugsgrief ! net
[Download RAW message or body]

On Tue, 27 Apr 2004 10:53:50 +0200
Fabrice <fbr@deux.transpac.fr> wrote:
> Dave+Seddon a 蜒rit :
> 
> > Greetings,
> > ooops.  sorry the 'rdr' must be to a different interface.
> > rdr fxp1 0.0.0.0/0 port 110 -> 127.0.0.1 port 8110
> > Regards,
> > Dave
> > Paul Armstrong writes:
> >
> >> On Tue, Apr 27, 2004 at 08:34:36AM +0200, Fabrice wrote:
> >>
> >>> To: ipfilter@coombs.anu.edu.au
> >>> The example is :
> >>> ipfw add fwd 192.168.0.254,8110 tcp from 192.168.0.0/24 to any pop3
> >>
> >>
> >> rdr fxp0 192.168.0.0/24 port 110 -> 192.168.0.254 port 8110 tcp
> >
> Thanks Dave and Paul,
> 
> I didn't say it, but I've tried before this method : it doesn't works, 
> the pop3 packet loops, because IPnat overwrite the real POP3 server IP 
> adress.
> So I think I must use transparent proxy.
> 
> Regards
> FAbrice
> 

Don't know why your rule failed ...

Here is an example on my internal dns/http machine,
working since FreeBSD-4.4 and now on (mistakenly upgraded) -4.9.

% cat /etc/ipnat.rules
# 53 -> 8053 ... for bind
rdr fxp0 10.0.3.4/32 port 53 -> 10.0.3.4 port 8053 tcp/udp
rdr lo0 10.0.3.4/32 port 53 -> 10.0.3.4 port 8053 tcp/udp
rdr lo0 127.0.0.1/32 port 53 -> 127.0.0.1 port 8053 tcp/udp

# 80 ->8080 ... for apache
rdr fxp0 10.0.3.4/32 port 80 -> 10.0.3.4 port 8080 tcp/udp
rdr lo0 10.0.3.4/32 port 80 -> 10.0.3.4 port 8080 tcp/udp
rdr lo0 127.0.0.1/32 port 80 -> 127.0.0.1 port 8080 tcp/udp
%


Modify interface, ip address, and port number as you like.



horio shoichi

[prev in list] [next in list] [prev in thread] [next in thread]