I need to forward all connections to any address on port 22 to a different gateway (i.e. not the default one). At first I thought of doing it with ipfw:

sudo ipfw add 5 fwd $EXTERNAL_IP,22 tcp from any to any 22 keep-state

But with Mac OS X Lion it does not seem to work. Anyway, looking at the ipfw documentation I see it is deprecated and I should use pfctl.

So I have modified the /etc/pf.conf file:

rdr proto tcp from $internal_ip to any port 22 -> $external_ip port 22

But with no luck.

Does anyone know how to translate or forward all connections generated by local applications to any address, but on port 22, to a different gateway/IP address?

Update

Following Jake's suggestion I tried to specify only the destination IP, so I converted the rdr rule to Mac OS X syntax:

rdr proto tcp from any to any port 22 -> $external_ip port 22

Even in this case I didn't get the results I expected, i.e. I can connect via ssh to my server but through the default gateway.

freedev
  • Did you figure it out? I'm trying myself to insert a transparent proxy on localhost between localhost and external services and with no luck. My guess is that OS X just joined Windows on this front - no more NAT support at system firewall level, but I still hope it can be done. – foxx1337 Aug 15 '12 at 22:31
  • No, I have abandoned it and switched to Linux. – freedev Aug 22 '12 at 08:20
  • Exactly what I did, in fact; thanks for the update – foxx1337 Aug 22 '12 at 12:02

2 Answers

rdr pass on $internal_ip inet proto tcp from any to any port 22

Not an expert by any means, think that should do it. Been a long time since I used anything other than iptables :)

Jake
  • Thanks Jake for your attempt to help; unfortunately this syntax is not supported, and even trying to correct the rdr rule didn't give the expected result. I have updated my question with your suggestion. – freedev Jan 10 '12 at 00:12

You can try to find a port of rinetd for Mac OS X.

Mike