NAT issue - answer packets not sent to default gateway
Emre Bastuz
info at emre.de
Tue Apr 13 08:02:35 PDT 2004
Hi,
I have a FreeBSD box with four interfaces (actually four VLAN interfaces over
one trunk).
Packets from arbitrary IP addresses are supposed to arrive through interfaces
1-3 and the answer to those requests is supposed to be sent out on interface 4
(which is the default gateway).
Main goal is to create some kind of forced portal. To achieve this I've been
testing NAT rules, mainly this one:
rdr vlan220 0/0 port 80 -> 127.0.0.1 port 80 tcp
The translation itself works as expected so every http request is being forced
to the proxy machine itself:
bash-2.05b# ipnat -l
List of active sessions:
RDR 127.0.0.1 80 <- -> 198.133.219.25 80 [some.source.add.res 1098]
When the PC with the IP some.source.add.res fires up the browser and requests
http://www.cisco.com/ I would expect a different page to show up, namely the
index.html the Apache on 127.0.0.1 is configured to show.
However this does not happen as long as I do not have a host route for the
requesting PC on my proxy machine such as this:
bash-2.05b# route add -host some.source.add.res 192.168.0.1
(where 192.168.0.1 is the "other" side of a point to point link on one of the
interfaces 1-3).
Am I missing something? This is driving me nuts. Honestly.
TIA,
Emre
P.S.: net.inet.ip.forwarding=1
--
http://www.emre.de UIN: 561260
PGP Key ID: 0xAFAC77FD
I don't see why some people even HAVE cars. -- Calvin