On Fri, 28 Dec 2001, Crist J. Clark wrote:
> On Fri, Dec 28, 2001 at 01:31:07PM -0800, Julian Elischer wrote:
> > You need to
> > correct the FAQ..
> >
> > "The correct way to ensure that this does not happen is to also add
> > a 'fwd' rule on the destination rule, forwarding the packet
> > to localhost. This will override the destination machine's tendency
> > to throw the forwarded packet back"
>
> I'm having a hard time parsing that.
If you send a packet somewhere it is not supposed to go, it will try to
discard it or forward it, UNLESS it has an ipfw fwd rule that makes it
forward it to a local port. So you need a rule at the interception machine
and a rule at the destination machine.
>
> > Also, in versions of FreeBSD before 4.6,
>
> 4.6?
Yes, it will miss 4.5.
>
> > packets matched while INCOMING
> > could only be forwarded to the local host.
>
> Which is what I thought the original poster was doing?
>
> > Outgoing packets
> > could be forwarded to an adjoining host.
> > This was fixed while 4.5 was cooking and appeared in releases after that.
>
> So will this be in 4.5?
No
>
> > The port number is only used for forwarding to the local host.
>
> Which is what the original poster was doing?
> --
> "It's always funny until someone gets hurt. Then it's hilarious."
>
> Crist J. Clark | [EMAIL PROTECTED]
> | [EMAIL PROTECTED]
> http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED]
>