Firewall Wizards mailing list archives

Re: FreeBSD 4.9 ipfw natd -- Port Forwarding


From: Anton Alin-Adrian <aanton () spintech ro>
Date: Tue, 29 Jun 2004 02:11:23 +0300

Anton Alin-Adrian wrote:
Adam Humphrey wrote:

Quick question.

I have successfully set up IP forwarding through my firewall to my internal
web server.

Natd.conf:
redirect_port tcp 192.168.1.101:80 80

But now my web logs show everything coming from my firewall's external IP
address and not the actual IP of the request.

How do I get the original IP for the request to pass through my firewall and
get my log files displaying the appropriate source IP addresses?

Any help would be much appreciated.

Regards,

Adam


Me said (privately by mistake):

You can't. But you can add a rule for logging via IPFW, *before* the divert rules.

Regards,

Btw, you can redirect ports using divert rules, instead of natd. Natd replaces the original SRC/DST IP address fields.

Natd is userspace, but divert is kernelspace (faster) and redirects without modifying SRC IP.

Regards,
--
Alin-Adrian Anton
Spintech Systems
GPG keyID 0x1E2FFF2E (2963 0C11 1AF1 96F6 0030 6EE9 D323 639D 1E2F FF2E)
gpg --keyserver pgp.mit.edu --recv-keys 1E2FFF2E
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
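
An added example, not part of the thread and not written by either poster: it shows the suggestion above of an ipfw log rule placed before the divert rule, and a small filter that recovers the client addresses from the lines that rule writes. The interface name fxp0, the rule numbers, the sample log lines and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Assumed ruleset (fxp0 and the rule numbers are hypothetical). The log rule
# is numbered below the divert rule, so it sees each packet before natd does:
#   ipfw add 40 count log tcp from any to me 80 in via fxp0 setup
#   ipfw add 50 divert natd all from any to any via fxp0
# "setup" matches only the opening SYN, giving one log line per connection.
# Logging also needs net.inet.ip.fw.verbose=1; syslogd normally files these
# messages in /var/log/security.

# Constructed sample lines in the usual ipfw log layout:
#   ipfw: <rule> <action> <proto> <src>:<sport> <dst>:<dport> <dir> via <if>
sample_log() {
cat <<'EOF'
Jun 29 02:10:01 fw /kernel: ipfw: 40 Count TCP 203.0.113.7:40112 198.51.100.2:80 in via fxp0
Jun 29 02:10:03 fw /kernel: ipfw: 40 Count TCP 192.0.2.44:51820 198.51.100.2:80 in via fxp0
Jun 29 02:10:05 fw sshd[311]: Connection closed by 192.0.2.9
Jun 29 02:10:07 fw /kernel: ipfw: 65000 Deny UDP 192.0.2.9:137 198.51.100.2:137 in via fxp0
Jun 29 02:10:09 fw /kernel: ipfw: 40 Count TCP 203.0.113.7:40113 198.51.100.2:80 in via fxp0
EOF
}

# web_clients RULE: read syslog lines on stdin and print "hits source_ip"
# for TCP packets logged by rule RULE, busiest source first.
web_clients() {
  awk -v rule="$1" '
    {
      # Locate the "ipfw:" tag; the fields after it have fixed positions.
      for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
      if (i > NF || $(i+1) != rule || $(i+3) != "TCP") next
      src = $(i+4)
      sub(/:[0-9]+$/, "", src)   # drop the source port
      hits[src]++
    }
    END { for (s in hits) print hits[s], s }
  ' | sort -k1,1nr -k2,2
}

sample_log | web_clients 40
```

On a live firewall the same function reads the real log, for example `web_clients 40 < /var/log/security`.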

