# IPFW Redirect



## vpeleh (Nov 17, 2008)

Hi
Somebody know? can ipfw do redirect packet
(Something like to PF
rdr on ! $ext_if proto tcp from <blocked_user> to any port 80 -> 192168.192.168 port 8080
)

ipfw nat do not work in this way, it only redirect packet that destination to local router...

If somebody know how do that, pleae help
Thanks


----------



## raVen (Nov 17, 2008)

ipfw fwd?


----------



## vpeleh (Nov 17, 2008)

ipfw fwd only forward packet to destination(it do not change destination field in packet)


----------



## aragon (Nov 18, 2008)

I'm thinking you need to use natd and one of its -redirect_* parameters.  Then use ipfw divert to divert the relevant traffic through natd.


----------



## aragon (Nov 18, 2008)

Something like this:


```
natd -redirect_port tcp 192.168.192.168:8080
```


```
ipfw add 100 divert natd tcp from blocked_user to any 80 in
```


----------



## vpeleh (Nov 19, 2008)

Thanks
I will try


----------



## jleal2003 (Dec 9, 2008)

You can also use a port redirector like rinetd , it is a very useful tool!! try and let us know what happen!


----------



## r-c-e (Dec 12, 2008)

jleal2003 said:
			
		

> You can also use a port redirector like rinetd , it is a very useful tool!! try and let us know what happen!



I use rinetd a lot when migrating sites from one server to another and love it, easy to setup and can take a beating.


----------



## komeylian (Dec 21, 2008)

hi, vpeleh

as well as you want in above 





> (Something like to PF rdr on ! $ext_if proto tcp from <blocked_user> to any port 80 -> 192168.192.168 port 8080)




you should follow bellow :

1) load ipfw module



> # kldload ipfw.ko



2) check it by 


> # kldstat



3) 





> # ipfw add allow ip from any to any


4) 





> # ipfw add fwd 192.168.192.168:8080 tcp from <blocked_user> to any 80



5) for check it use 





> # ipfw show



have fun.


----------



## mlevel (Mar 3, 2011)

This rule doesn`t change destination IP-address in TCP-packet!


----------

