[nycbug-talk] Is PF rdr broken in 6.2
Rodrique Heron
rodrique_heron at baruch.cuny.edu
Wed Jan 9 16:42:59 EST 2008
Okan Demirmen wrote:
> On Wed 2008.01.09 at 16:22 -0500, Rodrique Heron wrote:
>
>> Guys-
>>
>> I'm trying to accomplish a very simple redirect using PF on FreeBSD
>> 6.2. I want to forward all incoming port 22 connections to a remote
>> server, but can't get it to work. I have this in /etc/pf.conf
>>
>> host_ip="192.168.2.4"
>> remote_server="192.168.2.6"
>>
>> rdr on em0 proto tcp from any to $host_ip port 22 -> $remote_server
>>
>> pass in quick all
>> pass out quick all
>>
>> Forwarding is enabled (net.inet.ip.forwarding: 1) even though I don't
>> think I need it, tcpdump shows traffic, but I'm not sure what to look for.
>>
>> Also, I have a jail on this server, if I enabled it and change the rdr
>> rule to redirect to the jail address it works fine.
>>
>>
>> Any ideas ?
>>
>
> where is $remote_server, network-wise?
>
$remote_server is in the same broadcast domain if that's what you mean.
Both servers are plugged into the same stack.
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
More information about the talk
mailing list