# redirect tcp traffic with ipfw?



## Anonymous (Jan 16, 2011)

My network is set up such that: (client)-->(router/nat)-->(ipfw firewall/nat)-->(internet)

On the ipfw machine I have apache listening on internal socket 192.168.1.1:1187  

I have the following rule set up and it appears to be grabbing outgoing traffic on port 80 since no http traffic is going through the router but everything else is working. 

```
divert 1187 tcp from any to any dst-port 80
```
So I'm pretty sure the "from any to any dst-port 80" part is correct.
But I tried putting 127.0.0.1:1187 as the location to divert to and it truncates it to 127. I'm guessing somehow that rule is expecting just a port number or something but I want to be more specific. I would go through and read the entire ipfw man page and experiment but I hardly ever have to configure the firewall and it would take hours if not days. Can anyone help?


----------



## aragon (Jan 16, 2011)

Use fwd, not divert.


----------



## vand777 (Jan 16, 2011)

And please keep in mind the following:

```
To enable fwd a custom kernel needs to be compiled with option [FILE]options IPFIREWALL_FORWARD[/FILE].
```


----------



## enweniwe (Feb 24, 2011)

I do not know how to activate 
	
	



```
option IPFIREWALL_FORWARD
```
 in kernel

Please help.


----------



## SirDice (Feb 25, 2011)

It's all in the excellent handbook: Chapter 8 Configuring the FreeBSD Kernel.


----------

