firewall rules
Richard Smith
rdls at rdls.net
Wed Jan 31 12:30:40 GMT 2001
David Richards wrote:
>
> Hi
> How would I write a rule to allow someone from the outside coming in on
> port XXXX to go to an internal machine on port YYYY?
> Is it ${fwcmd} add fwd
> Internal_IP_address_of_machine_i_want_to_connect_to_from_internet XXXX from
> any via ${oip} YYYY
>
> thanks
> david
>
> ------ FreeBSD UK Users' Group - Mailing List ------
> http://listserver.uk.freebsd.org/mailman/listinfo/freebsd-users
I haven't used `fwd' with ipfw(8) before, but from the man page I would
suggest the following:
    ipfw add fwd inside_ip,inside_port tcp from any to ext_ip ext_port in via ext_if
where:
inside_ip and inside_port are the internal machine (note the comma).
ext_ip, ext_port and ext_if are the firewall's external persona.
You will need to compile the `IPFIREWALL_FORWARD' option into the
kernel. You will need to place the rule above any that are likely to
drop incoming connections on a more general basis.
<disclaimer>
I haven't tried this. Be careful :-)
</disclaimer>
Richard.
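The rule-ordering advice in the reply above, as an added example that is not part of the original message: a heuristic sh/awk check over `ipfw list`-style output that reports deny/reject rules evaluated before the first fwd rule. The rule numbers, addresses and the fxp0 interface are constructed sample values, and the listing is assumed to follow the rule syntax shown in the message.

```shell
#!/bin/sh
# check_fwd_order: read an `ipfw list`-style ruleset on stdin (one rule per
# line, in evaluation order) and print every deny/reject rule that is
# evaluated before the first fwd rule and could drop the same inbound traffic.
# Exit status: 0 = nothing shadows the fwd rule, 1 = shadowed, 2 = no fwd rule.
# Heuristic (an assumption of this example): a rule shadows the fwd rule when
# its protocol is ip/all/tcp, its source is "any", and its destination is
# "any" or the fwd rule's destination address.
check_fwd_order() {
    awk '
    # Rule layout: NUM ACTION PROTO from SRC to DST ...
    { num[NR] = $1; act[NR] = $2; proto[NR] = $3; src[NR] = $5; dst[NR] = $7 }
    # fwd layout:  NUM fwd IP,PORT PROTO from SRC to DST PORT ...
    $2 == "fwd" && !fwd { fwd = NR; fwd_dst = $8 }
    END {
        if (!fwd) { print "no fwd rule found"; exit 2 }
        bad = 0
        for (i = 1; i < fwd; i++) {
            if (act[i] != "deny" && act[i] != "reject") continue
            if (proto[i] != "ip" && proto[i] != "all" && proto[i] != "tcp") continue
            if (src[i] != "any") continue
            if (dst[i] == "any" || dst[i] == fwd_dst) {
                print "rule " num[i] " is evaluated before fwd rule " num[fwd]
                bad = 1
            }
        }
        exit bad
    }'
}

# Constructed sample rulesets (documentation addresses, hypothetical fxp0).
# In ruleset_bad the general deny at 00300 is checked before the fwd rule.
ruleset_bad='00100 allow ip from any to any via lo0
00300 deny tcp from any to any in via fxp0 setup
00400 fwd 192.168.1.10,8080 tcp from any to 203.0.113.5 80 in via fxp0
65535 deny ip from any to any'

# In ruleset_good the fwd rule sits above the general deny rules.
ruleset_good='00100 allow ip from any to any via lo0
00200 fwd 192.168.1.10,8080 tcp from any to 203.0.113.5 80 in via fxp0
00300 deny tcp from any to any in via fxp0 setup
65535 deny ip from any to any'

# Usage on a live firewall: ipfw list | check_fwd_order
```
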