Re: ipfirewall_forward

• Previous message: Ben Shin: "X Desktop"
• In reply to: Andrew Thomson: "ipfirewall_forward"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 16 Jun 2003 10:19:15 +1000
To: freebsd-questions@freebsd.org

On Mon, Jun 16, 2003 at 10:09:34AM +1000, Andrew Thomson wrote:
> i'm working on setting up a transparent squid proxy.
>
> would like to clarify what the forward stuff actually does..
>
> this is what I thought was happening..
>
> ipfw2 initialized, divert enabled, rule-based forwarding enabled,
> default to accept, logging unlimited
>
> 00500 fwd 192.168.1.2 tcp from any to any dst-port 80
> 65535 allow ip from any to any
>
> i just thought i'd muck around with apache atm.. i hit the box with these
> rules on it on port 80, and the request is never fwd'ed to 192.168.1.2
>
> is this what's supposed to happen??
>
> a tcpdump port 80 on both hosts show in the incoming http from the
> client, however nothing on the machined having the packets forwarded..
>
> can someone clarify this for me?
>
> thanks,
>
> ajt.
>

just tested some more.. and i assume this fwd business is for just
pushing packets around on the same host..

i snuck in rule 400 as a test..

00400 fwd 192.168.1.1,3128 tcp from any to any dst-port 80
00500 fwd 192.168.1.2 tcp from any to any dst-port 80

1.1 is what i'm typing in my browser.. originally i was hoping this
would be forwarded to 1.2.. but was getting no love..

however when i fwd to the same host as i type in the browser, the fwd
works.. i take it this is it's use??

so how do I do want I want to do??

thanks,

ajt.

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Ben Shin: "X Desktop"
• In reply to: Andrew Thomson: "ipfirewall_forward"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]