Redirection
This page describes how to use the
redirect module to modify traffic going through the Barefoot
server.
The official BSD licensed distribution of Barefoot includes a
full-featured port bouncer.
Some additional functionality is however offered as modules.
Redirection is done in the client pass rules. A
redirect to or redirect from keyword is added to
modify the behavior of the rule.
Server port range usage limiting
client pass {
from: 10.0.0.0/24 to: eth0 port = 1234
bounce to: www.example.org port = http
redirect from: eth1 port 30000 - 40000
}
It some usage scenarios it can be desired to restrict the port
ranges used by the Barefoot server. This would for example make it
possible for a firewall to know which port numbers will be used by the
Barefoot server. The rule above ensures that the server will limit itself
to using ports in the range 30000 to 40000 on the interface eth1, for
all traffic originating from clients on the 10.1.1.0/24 network.
|