The IPFW
fwd keyword passes packets destined for one host to another host. The packets are not modified in any way, which means the host the packets are being forwarded to has to know how to handle the unmodified packets.
The most common use of the
fwd command is to redirect HTTP packets to a local proxy server, or to redirect SMTP packets to a local mail server:
Code:
# ipfw add fwd 127.0.0.1:3128 tcp from 192.168.0.0/24 to any 80 in recv fxp0
# ipfw add fwd 127.0.0.1:25 tcp from 192.168.0.0/24 to any 25 in recv xl0
The next most common use is probably to redirect traffic through alternate routes/interfaces, usually VPN links.
Code:
# ipfw add fwd 10.7.7.1 ip from 192.168.0.0/24 to 192.168.1.0/24 in recv re0
where 10.7.7.1 is the remote IP of a VPN link, and 192.168.1.0/24 is the private subnet of the remote network.
You probably don't want to use fwd. You want to look into
natd(8), which does IP translations and port forwarding. If you are using FreeBSD 7.x, you can also use the new
nat keyword with
ipfw(8).