Both addresses are on the same box, just 2 public IPs.
.28 is the jail, .204 is one of the host's aliases.

----- Original Message -----
From: "Peter Jeremy" <[EMAIL PROTECTED]>
To: "OxY" <[EMAIL PROTECTED]>
Cc: <freebsd-hackers@freebsd.org>
Sent: Tuesday, December 13, 2005 7:20 PM
Subject: Re: ipfw forwarding


On Tue, 2005-Dec-13 18:27:43 +0100, OxY wrote:
> I used this rule:
>
> $cmd 00316 fwd x.x.x.x.204,80 tcp from any to x.x.x.28 80
>
> what's wrong with it?

You don't mention what is happening or not happening (running tcpdump
and following packets as they go from system to system can be useful)
but there are two issues you may not have considered.
1) Have you considered what will happen to packets being returned from
  the server on .28 to the client?
2) ipfw(8) states:
     The fwd action does not change the contents of the packet at all.
     In particular, the destination address remains unmodified, so
     packets forwarded to another system will usually be rejected by
     that system unless there is a matching rule on that system to
     capture them.  For packets forwarded locally, the local address

--
Peter Jeremy
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
