This is a discussion on Re: rdr question within the IPFilter forums, part of the System Security and Security Related category.

Toomas Aas wrote:
> Hello!
>
> I have a fairly simple setup with internal network 192.168.14.0/24 and
> one external IP. Gateway is running ipfilter 4.1.8.
>
> Generally all traffic from internal network to the outside world is
> allowed, but now I need to specifically restrict one internal IP so that:
>
> http traffic from 192.168.14.92 to 12.34.56.78 is allowed
> http traffic from 192.168.14.92 to 23.45.67.89 is allowed
> http traffic from 192.168.14.92 to anywhere else is redirected to
> 12.34.56.78
>
> Is this possible with ipnat/ipfilter? I thought I would need something
> like
>
> rdr fxp0 from 192.168.14.92/32 to ! (12.34.56.78/32, 23.45.67.89/32)
> port = 80 -> 12.34.56.78 port 80

Not using a single rule. You would use these rules:

rdr fxp0 from 192.168.14.92 to 12.34.56.78 port = 80 -> 0/0 port 80 tcp
rdr fxp0 from 192.168.14.92 to 23.45.67.89 port = 80 -> 0/0 port 80 tcp
rdr fxp0 from 192.168.14.92 to any port = 80 -> 12.34.56.78 port 80 tcp

Even if there was an address pool mechanism, for two addresses there
is no performance gain.

Darren
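
Added example, not part of the original post or of IPFilter: a small Python model of the three rdr rules above, checked against the three requirements in the question, and showing that the two specific rules must precede the catch-all. It assumes first-match evaluation and reads the `0/0` target as "leave the destination unchanged"; the addresses 198.51.100.7 and 192.168.14.10 are constructed test values.

```python
import ipaddress

# The reply's rules as (source, original destination, new destination).
# "any" matches every destination; None models the "0/0" target, read here
# as "leave the destination unchanged" (an assumption, see lead-in).
RULES = [
    ("192.168.14.92", "12.34.56.78", None),
    ("192.168.14.92", "23.45.67.89", None),
    ("192.168.14.92", "any", "12.34.56.78"),
]

def translate(rules, src, dst, dport, proto="tcp"):
    """Return the destination a packet ends up with (first match wins)."""
    if proto != "tcp" or dport != 80:
        return dst  # every rule is "port = 80 ... tcp"
    ip = ipaddress.ip_address
    for rule_src, rule_dst, target in rules:
        if ip(src) != ip(rule_src):
            continue
        if rule_dst != "any" and ip(dst) != ip(rule_dst):
            continue
        return dst if target is None else target
    return dst  # no rule matched: packet is not redirected

def audit(rules):
    """Return the (src, dst, actual) cases that violate the requirements."""
    restricted = "192.168.14.92"
    cases = [
        (restricted, "12.34.56.78", "12.34.56.78"),         # allowed as-is
        (restricted, "23.45.67.89", "23.45.67.89"),         # allowed as-is
        (restricted, "198.51.100.7", "12.34.56.78"),        # anywhere else
        ("192.168.14.10", "198.51.100.7", "198.51.100.7"),  # other hosts
    ]
    failures = []
    for src, dst, want in cases:
        got = translate(rules, src, dst, 80)
        if got != want:
            failures.append((src, dst, got))
    return failures

if __name__ == "__main__":
    print("rules as posted:  ", audit(RULES))
    print("catch-all first:  ", audit([RULES[2]] + RULES[:2]))
```

With the catch-all moved to the top, traffic to 23.45.67.89 is rewritten to 12.34.56.78, which is the failure the ordering in the reply avoids.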