[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ipfilter port redirection doesn't work
From:       Artom Lifshitz <artom () sympatico ! ca>
Date:       2006-02-24 13:06:34
Message-ID: 43FF04DA.1030502 () sympatico ! ca
[Download RAW message or body]

Figured it out. From the ipfilter FAQ 
[http://www.phildev.net/ipf/IPFprob.html#prob17]:

I'm using |interface/32|, |0/0| or |0/32|, and it doesn't work.

These special aliases do *not* work in IPF rules, or in IPNat rdr rules. 
They only work in IPNat's map and bimap rules.

The FreeBSD handbook needs to be updated.

Thanks for the help!
Artom

Guido van Rooij wrote:

>On Tue, Feb 21, 2006 at 06:36:55PM -0500, Artom Lifshitz wrote:
>  
>
>>My mistake, I forgot the -f in ipnat -f /etc/ipnat.rules
>>
>>When I add it, ipnat -l gives:
>>
>>frankie:~# ipnat -l
>>List of active MAP/Redirect filters:
>>map tun0 192.168.1.0/24 -> 0.0.0.0/32
>>rdr tun0 0.0.0.0/32 port 22 -> 192.168.1.2 port 22 tcp
>><snip>
>>
>>But SSH sessions end up on the router and not on the LAN machine, as before.
>>    
>>
>
>Can you also show the output of:
>ipfstat -nioh
>ipnat -s
>ipf -V
>
>-Guido
>
>  
>

[prev in list] [next in list] [prev in thread] [next in thread]