Re: [fw-wiz] FreeBSD 4.9 ipfw natd -- Port Forwarding

From: Anton Alin-Adrian (aanton_at_spintech.ro)
Date: 06/29/04

    To: firewall-wizards@honor.icsalabs.com
    Date: Tue, 29 Jun 2004 02:11:23 +0300
    
    

    Anton Alin-Adrian wrote:
    > Adam Humphrey wrote:
    >
    >> Quick question.
    >>
    >> I have successfully set up IP forwarding through my firewall to my
    >> internal web server.
    >>
    >> Natd.conf:
    >> redirect_port tcp 192.168.1.101:80 80
    >>
    >> But now my web logs show everything coming from my firewall's external IP
    >> address and not the actual IP of the request.
    >>
    >> How do I get the original IP for the request to pass through my
    >> firewall and get my log files displaying the appropriate source IP addresses?
    >>
    >> Any help would be much appreciated.
    >>
    >> Regards,
    >>
    >> Adam
    >>

    Me said (privately by mistake):
    >
    > You can't. But you can add a rule for logging via IPFW, *before* the
    > divert rules.
    >
    > Regards,

    Btw, you can redirect ports using divert rules, instead of natd. Natd
    replaces the original SRC/DST IP address fields.

    Natd is userspace, but divert is kernelspace (faster) and redirects without
    modifying SRC IP.

    Regards,

    -- 
    Alin-Adrian Anton
    Spintech Systems
    GPG keyID 0x1E2FFF2E (2963 0C11 1AF1 96F6 0030 6EE9 D323 639D 1E2F FF2E)
    gpg --keyserver pgp.mit.edu --recv-keys 1E2FFF2E
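
The suggestion above, to log via IPFW before the divert rules, leaves the real client addresses in the firewall's syslog output. The following is an added example, not part of the original thread, that pulls those addresses out of such a log. The rule number 40, interface fxp0, the log line layout and all sample addresses are assumptions.

```python
import re
from collections import Counter

# Hypothetical logging rule placed before the divert rule (number/interface assumed):
#   ipfw add 40 count log tcp from any to any 80 in via fxp0 setup
# Assumed syslog layout of the resulting entries:
#   <ts> <host> /kernel: ipfw: <rule> <Action> TCP <src>:<port> <dst>:<port> in via <if>
IPFW_LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\s\S*kernel:\sipfw:\s(?P<rule>\d+)\s"
    r"(?P<action>\w+)\sTCP\s(?P<src>[\d.]+):(?P<sport>\d+)\s"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s(?P<dir>in|out)\svia\s(?P<iface>\S+)"
)

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
Jun 29 02:10:01 fw /kernel: ipfw: 40 Count TCP 198.51.100.7:40112 203.0.113.10:80 in via fxp0
Jun 29 02:10:03 fw /kernel: ipfw: 40 Count TCP 192.0.2.55:51820 203.0.113.10:80 in via fxp0
Jun 29 02:10:04 fw /kernel: ipfw: 65000 Deny TCP 192.0.2.55:51821 203.0.113.10:22 in via fxp0
Jun 29 02:10:09 fw /kernel: ipfw: 40 Count TCP 198.51.100.7:40113 203.0.113.10:80 in via fxp0
Jun 29 02:10:10 fw sshd[411]: unrelated line that must be skipped
"""


def web_clients(log_text, rule=40, port=80):
    """Return (timestamp, client_ip, client_port) for each inbound hit logged by `rule`."""
    hits = []
    for line in log_text.splitlines():
        m = IPFW_LINE.match(line)
        if not m:
            continue  # not an ipfw entry in the assumed layout
        if int(m["rule"]) != rule or int(m["dport"]) != port or m["dir"] != "in":
            continue  # other rules, other services, or outbound traffic
        hits.append((m["ts"], m["src"], int(m["sport"])))
    return hits


def connections_per_client(log_text, rule=40, port=80):
    """Count logged connection attempts per original source address."""
    return Counter(ip for _, ip, _ in web_clients(log_text, rule, port))


if __name__ == "__main__":
    for ts, ip, sport in web_clients(SAMPLE_LOG):
        print(ts, ip, sport)
    print(connections_per_client(SAMPLE_LOG).most_common())
```

The timestamp and client port give a key for matching each firewall entry against the web server's access log, where only the firewall's address appears.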