ip_port-forwarding
 BACK ..
 IP- und Port-Forwarding
 =======================
 > cd /usr/src/sys/i386/conf/
 > cp GENERIC MYKERNEL
 > vi MYKERNEL
 options         IPFIREWALL
 options         IPFIREWALL_VERBOSE                # Optional
 options         IPFIREWALL_DEFAULT_TO_ACCEPT      # Optional
 options         IPDIVERT
 options         RANDOM_IP_ID                      # Optional
 options         IPSTEALTH                         # Optional
 #options        DUMMYNET                          # Optional
 #options        BRIDGE                            # Optional
 > cd /usr/src
 > make buildkernel KERNCONF=MYKERNEL
 ...
 > make installkernel KERNCONF=MYKERNEL
 > reboot
 > vi /etc/rc.conf
 firewall_enable="YES"
 firewall_type="OPEN"
 natd_enable="YES"
 natd_interface="xl0"
 natd_flags="-u -f /etc/natd.conf"
 tcp_drop_synfin="YES"           # Optional
 icmp_drop_redirect="YES"        # Optional
 ifconfig_xl0="inet 198.213.17.133 netmask 255.255.255.240 media 100baseTX mediaopt full-duplex"
 ifconfig_xl1="inet 192.168.20.1/24 media 100baseTX mediaopt full-duplex"
 ifconfig_xl1_alias0="192.168.20.254/32"
 ifconfig_xl1_alias1="192.168.40.1/24"
 ifconfig_xl1_alias2="192.168.40.254/32"
 defaultrouter="198.213.17.142"
 gateway_enable="YES"
 > vi /etc/rc.firewall
 DIVDEV="xl0"
 /sbin/ipfw -f flush
 /sbin/ipfw add 00100 allow ip from any to any via lo0
 /sbin/ipfw add 00200 deny  ip from any to 127.0.0.0/8
 /sbin/ipfw add 00300 deny  ip from 127.0.0.0/8 to any
 /sbin/ipfw add 00400 divert natd all from any to any via ${DIVDEV}
 ... (weitere Regeln nach eigenem Wunsch) ...
 /sbin/ipfw add 10000 pass all from any to any
 > vi /etc/natd.conf
 ###   man natd
 log yes                         # Optional (logt in der /var/log/alias.log)
 redirect_port tcp 192.168.20.2:80 8002
 redirect_port tcp 192.168.40.2:80 9002
 ...
 redirect_port tcp 192.168.20.253:80 8253
 redirect_port tcp 192.168.40.253:80 9253
   [IMG]