I'm setting up a FreeBSD router and want certain IPs on my network to be forwarded to our local webserver if they make port 80 requests. An example would be: a banned user tries to surf the web, but all his requests are forwarded to the web page which notifies him that he is banned. As I understand, I can use IPFW for this and maybe NATD.
I would be grateful if someone could show me a good example of how to do it.
If you don't want to bother with natd, you need a kernel compiled with the IPFIREWALL_FORWARD option. You can check your current kernel by issuing 'sysctl kern.conftxt | grep IPFIREWALL_FORWARD'. If this option is absent, you need to rebuild your kernel (or stick to pf).
If you have such a kernel, you just need to add these rules:
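An added illustration of the kind of ipfw `fwd` rule this answer refers to; it is not the answerer's own rules and not part of the original thread. It only prints rules (a dry run) for a validated list of banned addresses. The addresses, interface name, rule numbers, and the assumption that the notice page listens on the router itself at 127.0.0.1:80 are constructed for the example.

```shell
#!/bin/sh
# Dry-run generator: prints ipfw "fwd" rules, never applies them.
# Every value below is a constructed placeholder, not taken from the thread.
WEB_IP="127.0.0.1"   # assumption: notice page is served on the router itself
WEB_PORT=80
LAN_IF="em1"         # assumption: LAN-facing interface name
BASE_RULE=1000       # assumption: first free rule number

# Accept only a strict dotted quad, so that a malformed or hostile line in
# the ban list can never end up inside a firewall command.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Print one rule per valid banned address; invalid entries go to stderr.
gen_fwd_rules() {
    n=$BASE_RULE
    for ip in "$@"; do
        if is_ipv4 "$ip"; then
            echo "ipfw add $n fwd $WEB_IP,$WEB_PORT tcp from $ip to any 80 in via $LAN_IF"
            n=$((n + 1))
        else
            echo "skipped invalid entry: $ip" >&2
        fi
    done
}

# Constructed sample ban list; the last entry is deliberately malformed.
gen_fwd_rules 192.168.0.50 192.168.0.51 10.0.0.999
```

Review the printed rules before loading them, and place them ahead of any rule that would otherwise allow the banned hosts' port 80 traffic, since ipfw acts on the first matching rule.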
FreeBSD now comes with 3 (sic!) different firewalls; ipfw2 is just one of them, and the other two are Darren Reed's ipfilter and OpenBSD's PF. Both of them have built-in NAT which supports port redirecting "from the box"; see, e.g., PF's way. So why not use them instead?