ipfw rules

Post by localho » Wed, 02 Jul 2003 10:27:54



hello all...

I have a fbsd 4.8 box set up as a router with natd for my network.  It's
been up for a few weeks running fine, but now I want to forward
packets.

I want to forward all incoming udp packets on port 514 to a computer
on my lan (same udp port).

For those that don't know, 514 is syslog.

I tried doing this ipfw rule but it didn't work, so I was wondering if
someone could fix it for me.

 ipfw add accept udp from any 514 to 192.168.1.106 514

where 192.168.1.106 is the IP of the box on the LAN I want to forward
the packets to.

Any help is appreciated. Thanks.

 
 
 


Post by Lowell Gilber » Wed, 02 Jul 2003 23:01:23


comp.unix.bsd.freebsd is not widely propagated, so you won't
necessarily get much help here (in comp.unix.bsd.freebsd).
See http://www.freebsd.org/support.html for better ideas...
[followups redirected accordingly]


> I have a fbsd 4.8 box set up as a router with natd for my network.  It's
> been up for a few weeks running fine, but now I want to forward
> packets.

> I want to forward all incoming udp packets on port 514 to a computer
> on my lan (same udp port).

> For those that don't know, 514 is syslog.

> I tried doing this ipfw rule but it didn't work, so I was wondering if
> someone could fix it for me.

>  ipfw add accept udp from any 514 to 192.168.1.106 514

> where 192.168.1.106 is the IP of the box on the LAN I want to forward
> the packets to.

> Any help is appreciated. Thanks.

natd is what you want, with "-redirect_port".
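
The natd approach suggested in the reply above, written out as an added example that is not part of the original posts: an ipfw `accept` rule only permits a packet and never rewrites its destination, so the redirect goes in natd's configuration and ipfw only has to pass the rewritten packet. The interface name `fxp0`, the rule numbers and the sender address `203.0.113.10` are assumptions made for illustration.

```conf
# --- /etc/rc.conf ---------------------------------------------------
# fxp0 as the outside interface is an assumption; use the real one.
natd_enable="YES"
natd_interface="fxp0"
natd_flags="-f /etc/natd.conf"

# --- /etc/natd.conf -------------------------------------------------
# Syntax (natd(8)), written here without the leading dash:
#   redirect_port proto targetIP:targetPORT [aliasIP:]aliasPORT [remoteIP[:remotePORT]]
#
# Open form: datagrams from ANY outside host arriving on udp/514 are
# rewritten to the LAN syslog server. Syslog over UDP carries no
# authentication, so anyone who can reach the router can write to
# the logs.
#redirect_port udp 192.168.1.106:514 514
#
# Restricted form: only datagrams from the named sender are redirected.
# 203.0.113.10 is a constructed placeholder for the remote log source.
redirect_port udp 192.168.1.106:514 514 203.0.113.10

# --- ipfw rules (rule numbers are illustrative) ---------------------
# The divert rule hands each packet to natd, which rewrites the
# destination to 192.168.1.106 and reinjects the packet; processing
# then continues with the rules after the divert rule. One of those
# later rules has to let the rewritten packet through.
ipfw add 50 divert natd all from any to any via fxp0
ipfw add 200 allow udp from 203.0.113.10 to 192.168.1.106 514 in via fxp0
```

natd reads its configuration file at startup, so it has to be restarted after `/etc/natd.conf` is edited.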

 
 
 

1. Applying ipfw rules remotely...

Hi there.  I've scanned through as much of the newsgroup as I could
readily lay hands on, and haven't seen this addressed so far.

I'm running ipfw on a FreeBSD box; my rules set is fine, it's trucking
away doing everything I want it to do, with no problems; it's definitely
making a lover of FreeBSD out of me.

The only problem is that I can't remotely write to the rules set, or
apply that rules set.  I've got ssh set up on the machine, ssh into it,
su to root, and can read/copy files, but whenever I try to write changes
to the rules file, or enter './fw_rules' to flush the old rules and
apply new ones once I've changed them, the connection appears to die on
my end, and ipfw itself, on the FreeBSD box, seems to lock up or default
back to 'deny all from any to any,' since all traffic immediately comes
to a screeching halt (as does all logging).  I then have to go over to
the machine itself, enter './fw_rules' on the console, and everything
works again.

The sysadmin who originally installed FreeBSD (v3.4-stable) swears he
didn't set it up so that nothing could be written or executed by root
remotely, and I can find nothing in rc.firewall or rc.conf which would
seem to be related.  I'm also having a good bit of trouble finding
information about ipfw itself.  Thus, I turn to the newsgroups.  Any
help you can offer would be greatly, -greatly- appreciated, as I'll be
several hundred miles from this box in a few weeks, and dependent upon
my ability to access and maintain it remotely.  Thanks!

Regards,
Michael Williams
