 From:  edward mzj <edward dot mzj at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] RDR rule again
 Date:  Sun, 4 Sep 2005 22:29:28 +0800
2005/9/4, Krzysztof Syguda <krzys at wroclaw dot dialog dot net dot pl>:
> Would somebody be so kind and tell me how to create the "rdr" rule for
> the firewall (using exec.php)?
> 
> I need to do something like this:
> Source IP/mask proto TCP/udp ->to Destination IP proto(TCP/UDP):port
> -> REDIRECT to Destination IP:PORT
> 

echo 'rdr IFNAME from SRCADDR/SRCMASK to DSTADDR/DSTMASK port PORT -> TARGETADDR port PORT tcp/udp' | ipnat -f-

> It is possible to use it, for creating transparent proxy on the external
> machine, for the traffic optimization or also content filtering (external
> machine too).
> KS
> 

For transparent proxying, see my posts for more detail:
    http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=186&actionargs[]=63

And please note, in that post, the inbound rule for transparent
proxying is wrong. Here is the correct one:
>
>3. add inbound/outbound nat rules for transparent proxying
>        inbound rules 1:
>                Interface:                        LAN
>+              Source:                          not A.B.C.D5/32
>                External address:                Any Address
>                Protocol:                        TCP
>                External port range.from:        80
>                NAT IP:                        A.B.C.D5
>                Local port:                        3128
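
Added example, not part of the original message and not m0n0wall code: a small Python model of the inbound rule above, showing what the "Source: not A.B.C.D5/32" line changes. The addresses are constructed stand-ins, the InboundRule class is hypothetical, and it is assumed that the earlier rule had no Source restriction and that the proxy's own requests arrive on the LAN interface.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class InboundRule:
    src: str            # CIDR named in the Source field
    src_not: bool       # True when the Source is negated ("not")
    ext_port: int       # External port range.from
    nat_ip: str         # NAT IP (the proxy)
    local_port: int     # Local port on the proxy

    def apply(self, src_ip, dst_ip, dst_port, proto="tcp"):
        """Return the (ip, port) the packet is delivered to after the rule."""
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        src_ok = in_net != self.src_not   # negation flips the source match
        if proto == "tcp" and dst_port == self.ext_port and src_ok:
            return (self.nat_ip, self.local_port)
        return (dst_ip, dst_port)         # no match: packet is left alone

# Constructed sample addresses (documentation ranges), not from the post.
PROXY = "192.0.2.5"      # stands in for A.B.C.D5
CLIENT = "192.0.2.20"    # a LAN client
WEB = "198.51.100.80"    # an origin web server

# Assumed shape of the earlier rule: any source is redirected.
unrestricted = InboundRule("0.0.0.0/0", False, 80, PROXY, 3128)
# The corrected rule: every source except the proxy itself.
corrected = InboundRule(PROXY + "/32", True, 80, PROXY, 3128)

def proxy_fetch_loops(rule):
    """True if the proxy's own upstream request is redirected back to itself."""
    return rule.apply(PROXY, WEB, 80) == (PROXY, 3128)

if __name__ == "__main__":
    for name, rule in (("unrestricted", unrestricted), ("corrected", corrected)):
        print(name, "client ->", rule.apply(CLIENT, WEB, 80),
              "| proxy loops:", proxy_fetch_loops(rule))
```

With the negated source, client traffic to port 80 is still sent to the proxy on 3128, while the proxy's own upstream fetches pass through unchanged.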