# Redirect outbound IP traffic



## jwilk000 (Nov 5, 2011)

Forgive me if this is a topic that has been discussed already. I tried to no avail to find a solution from Google and from various man pages. What I'm trying to do is actually quite simple; I just can't figure out how to do it. I'm trying to do simple outbound IP redirection. The FreeBSD system is the gateway for a number of machines, and I need traffic to certain addresses re-routed. Under Linux, I could simply use a DNAT target in iptables. So far I've been unsuccessful in finding something similar in IPFW/natd (which is the setup I'm currently running).

Basically I want the equivalent of the following:


```
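# DNAT is only valid in the nat table's PREROUTING and OUTPUT chains; forwarded client traffic is rewritten in PREROUTING
iptables -t nat -A PREROUTING -p tcp -s [match internal network IP] -d [match destination IP] -j DNAT --to-destination [address of redirect]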
```


----------



## Alt (Nov 5, 2011)

Redirect or dnat?


----------



## jwilk000 (Nov 6, 2011)

I want to mangle the packet destination addresses to be routed to a new destination address different from the one that was originally encoded into the packet. I would imagine the firewall will also need to be aware of the change so that it can let two-way traffic back in. I know the iptables DNAT target is generally for accessing a NAT'ed machine from behind a public IP, but in this instance, I guess I use it backwards.


----------



## aragon (Nov 6, 2011)

Use natd's `-redirect_address` parameter. All the options are documented in natd(8).


----------

