I need to forward incoming TCP connections made to my host 192.168.5.3 on the port 3100 to the IP address 10.0.0.101 port 3000 connected through another interface. These rules work when connection is made from a remote host: > ipfw -q nat 19001 config redirect_port tcp 10.0.0.101:3000 192.168.5.3:3100 > ipfw -q add 19001 nat 19001 tcp from any to 192.168.5.3 3100 in recv sk0 > ipfw -q add 19001 nat 19001 tcp from 10.0.0.101 3000 to any out xmit sk0 The problem: A similar firewall rule for connections from the host's LAN IP address (that pass through lo0) doesn't work: > ipfw -q add 19001 nat 19001 tcp from 192.168.5.3 to 192.168.5.3 3100 in recv lo0 Wireshark shows that the incoming connection is from 192.168.5.3 to 192.168.5.3 on 3100 but it gets immediately rejected instead of being forwarded. This rule looks very similar to the second rule above, just the interface is different. Why doesn't it work?
Please use mailing lists or web forums for general discussion. Default ipfw ruleset matches loopback traffic with rule 100, so it cannot be matched using later rules.