There is a gateway on FreeBSD, two network interfaces(em0 10.1.1.1/24 external, em1 192.168.1.1/24 - internal), configured NAT.
ipfw is configured minimally, so far:
cmd="ipfw -q add"
ipfw -q-f flush
$cmd 010 allow all from any to any via $iif
$cmd 011 allow all from any to any via lo0
# NAT IN
$cmd 100 divert socket natd ip from any to any in via $oif
$cmd 101 check-state
$cmd 200 $skip icmp from any to any out via $oif $ks
$210 cmd $skip udp from any to any 53 out via $oif $ks
$220 cmd $skip tcp from any to any 80 out via $oif setup $ks
$230 cmd $skip tcp from any to any 443 out via $oif setup $ks
$cmd 240 $skip all from me to any out via $oif setup $ks
$cmd 300 allow tcp from any to me 22 in via $oif setup $ks
$700 cmd deny ip from any to any
# NAT OUT
$cmd 800 divert socket natd ip from any to any out via $oif
$cmd 801 allow ip from any to any
$900 cmd deny all from any to any
You need to write a rule which will redirect requests from the network 10.1.1.0/24 to ports 80,443 to the address 192.168.1.2 on ports 80, 443 respectively. How to do it?