Need help for 'ipfw' with 'fwd' option

Post by j_la.. » Fri, 17 Mar 2000 04:00:00

Hi everybody,
I would like to forward packets from a server to another one, on
the same port, without changing source address (so 'natd' isn't
the way). So I looked for 'ipfw' with 'fwd' option.
Local uses of 'fwd' work fine. For example, with:
$fwcmd add fwd,25 tcp from any to any telnet
when I telnet to my host, I was diverted to the smtp port.
But I didn't succeed with remote uses. For example, with:
$fwcmd add fwd 192.x.y.142 log tcp from any to ${ip} 20-21
when I ftp to my host (192.x.y.143), log said:
/kernel: ipfw: 100 Forward to 192.x.y.142 TCP 192.x.y.142:3989 192.x.y.143:21 in via fxp0
... but I was logged in to 192.x.y.143 :-( It would seem that
'ipfw' didn't forward!
I use FreeBSD 3.4 and I put all firewall options into the kernel.
Firewall stats say:
00100   12    520 allow ip from any to any via lo0
00200    0      0 deny ip from any to
00300    6    260 fwd 192.x.y.142 log logamount 100 tcp from any to 192.x.y.143 20-21
00400   62   3051 allow tcp from any to any established
00500    0      0 allow tcp from any to 192.x.y.143 23
00600    0      0 allow tcp from 192.x.y.143 to any setup
65535  315 160059 deny ip from any to any
Does anybody have any idea?

