Hi,

Can you help with my situation? My goal is for a box in my LAN, 10.1.1.2, to talk to 10.1.1.1, and actually it would be talking to X.X.X.X, an outside IP, using one of my public IPs, say 1.1.1.1. I'm trying to modify packets to pass through to a local IP.

I have a box that a specific IP is routed to, say 1.1.1.1. On my bce0 I don't have that IP configured, but I have my public IP, say 2.2.2.2, that 1.1.1.1 is routed to. I configured 10.1.1.1/24 on bce0; my target box is 10.1.1.2/24.

I tried the following inside ngctl:

    mkpeer ipfw: patch 300 in
    name ipfw:300 src_dst_chg
    msg src_dst_chg: setconfig { count=2 csum_flags=1 ops=[ { mode=1 value=0x0a010101 length=4 offset=3 } { mode=1 value=0x0a010102 length=4 offset=4 } ] }

On my box (10.1.1.1) I did:

    sysctl net.inet.ip.fw.one_pass=0
    /sbin/ipfw add 50 netgraph 300 ip from any to any to 1.1.1.1

Then I do a simple ping from an outside box. I see the packets arrive on my 160 rule, but they never leave the box. I would at least see packets flow one direction to 10.1.1.2, and then that needs another ipfw and netgraph opposite rule.

If you have an alternative way, I'm happy to try it. Help much appreciated.

Sami

Received on Sun Dec 17 2017 - 06:52:17 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:14 UTC