Hi, I am using Apache on FreeBSD. If I use port 80 for http port, it won't work because the security problem. So I configured Apache to listen port 8800. Now the customer has type http://breakevilaxis.org:8800 to get on my web site. This is no good. So I have to forward port 80 request to port 8800. I guess what I should do is to ipfw add 100 fwd 127.0.0.0,80 tcp from any to any 8800 in But I got an error when I execute the command. I have compiled the kernel with LINT configuration. I did make LINT, make cleandepend;make depend;make;make install I really do not what is the kernel I am running. I doubt it is still the old kernel which the IPFIREWALL_FORWARD is not selected. Please help me to achieve this. breakevilaxis#uname -a FreeBSD breakevilaxis.org 7.0-CURRENT-200610 FreeBSD 7.0-CURRENT-200610 #0: Mon Oct 2 05:44:21 UTC 2006 root_at_stiles.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 breakevilaxis# ipfw add 100 fwd 127.0.0.1,80 tcp from any to any 8800 in ipfw: getsockopt(IP_FW_ADD): Invalid argument dmesg: ... Trying to mount root from ufs:/dev/ad8s1a ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, defa ult to deny, logging disabled bge0: link state changed to UP ... breakevilaxis# ipfw list 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00400 allow ip from 192.168.0.52 to 192.168.0.0/24 00500 allow ip from 192.168.0.0/24 to 192.168.0.52 00600 allow tcp from any to any established 00700 allow ip from any to any frag 00800 allow tcp from any to 192.168.0.52 dst-port 25 setup 00900 allow tcp from 192.168.0.52 to any setup 01000 deny tcp from any to any setup 01100 allow udp from 192.168.0.52 to any dst-port 53 keep-state 01200 allow udp from 192.168.0.52 to any dst-port 123 keep-state 65535 deny ip from any to any rc.conf ... firewall_enable="YES" firewall_type="client" ... rc.firewall .... case ${firewall_type} in [Oo][Pp][Ee][Nn]) setup_loopback ${fwcmd} add 65000 pass all from any to any ;; [Cc][Ll][Ii][Ee][Nn][Tt]) net="192.168.0.52" mask="255.255.255.0" ip="192.168.0.52" setup_loopback ${fwcmd} add pass all from ${ip} to ${net}:${mask} ${fwcmd} add pass all from ${net}:${mask} to ${ip} ${fwcmd} add pass tcp from any to any established ${fwcmd} add pass all from any to any frag ${fwcmd} add pass tcp from any to ${ip} 25 setup ${fwcmd} add pass tcp from ${ip} to any setup ${fwcmd} add deny tcp from any to any setup ${fwcmd} add pass udp from ${ip} to any 53 keep-state ${fwcmd} add pass udp from ${ip} to any 123 keep-state ;;Received on Fri Oct 13 2006 - 12:46:04 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:01 UTC