Re: natd redirected ports from LAN
From: Brian Candler (B.Candler_at_pobox.com)
Date: 11/29/05
Date: Tue, 29 Nov 2005 13:07:27 +0000
To: asko <asko_nospam@ultrasoft.ee>

On Tue, Nov 29, 2005 at 12:46:10PM +0200, asko wrote:
> I'm searching for a better, faster solution..
> Does it exist?

Do your constraints allow you to switch to 'pf' instead of 'ipfw'? I think you
may be able to do it that way.

I had a similar situation where I wanted
traffic originating from the local host to be processed specially. The case
in point was redirection rather than NAT, but the same principles probably
apply. Using pf I forced the traffic back through the loopback interface so
it was treated as 'incoming' traffic. e.g. see thread around
http://lists.freebsd.org/pipermail/freebsd-pf/2005-September/001495.html

Maybe in your case you just need two rdr rules: one bound to the internal
interface, and one to the external one.

I stopped using ipfw several years ago because of a number of issues with
NAT, especially some horrible scenarios with multiple external interfaces,
IPSEC tunnels, and needing to run multiple instances of natd :-{

Regards,

Brian.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
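
A pf.conf sketch of the two-rdr-rule idea suggested in the message above, added here as an example and not taken from the post or the linked thread. Interface names, addresses and the port are constructed values, and the extra nat rule on the internal interface assumes the target server sits on the same LAN as the clients.

```conf
# Constructed sample values: interface names, addresses and port are assumptions.
ext_if  = "fxp0"            # external interface (hypothetical)
int_if  = "fxp1"            # internal (LAN) interface (hypothetical)
int_net = "192.168.1.0/24"  # LAN range (hypothetical)
server  = "192.168.1.10"    # internal host receiving the redirected port
ext_ip  = "203.0.113.5"     # public address (documentation range)

# Ordinary outbound NAT for the LAN.
nat on $ext_if from $int_net to any -> ($ext_if)

# Rule 1: connections arriving from outside on the external interface.
rdr on $ext_if proto tcp from any to $ext_ip port 80 -> $server port 80

# Rule 2: connections from LAN clients to the same public address,
# which arrive on the internal interface and never match rule 1.
rdr on $int_if proto tcp from $int_net to $ext_ip port 80 -> $server port 80

# Rule 2 alone is not enough when client and server share the LAN:
# the server would answer the client directly, and the client would
# discard a reply that does not come from $ext_ip. Rewriting the source
# to the firewall's internal address forces replies back through pf.
no nat on $int_if proto tcp from $int_if to $int_net
nat on $int_if proto tcp from $int_net to $server port 80 -> $int_if

# Filter rules (not shown) must still permit the redirected connections.
```

The ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`. With the internal nat rule in place, the server's logs show the firewall's internal address for every LAN client, so per-client attribution has to come from pf's own state or logging.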