pf (3.3-stable) with reply-to
From: Bob Farro (bobfarro_at_example.com)
Date: 09/23/03
Date: Tue, 23 Sep 2003 13:00:48 +0100
Hi guys,
I have a machine running OpenBSD33-stable bridging between my LAN and a router,
with a DSL connection also attached to that machine, i.e.:
LAN-----$int_if|OpenBSD|$ext_if-----Cisco Router
                -------
                $dsl_if
                   |
                   |
         DSL router ($dsl_ip)
I want traffic sent to the DSL router to go back out that way (the default
route on the box points to the Cisco), so I have set up a few rules like:
nat on $dsl_if from $int_net to any -> $dsl_if
rdr on $dsl_if proto tcp from any to $dsl_if port 443 -> 1.1.1.1 port 443
rdr on $dsl_if proto tcp from any to $dsl_if port 110 -> 1.1.1.2 port 110
rdr on $dsl_if proto tcp from any to $dsl_if port 143 -> 1.1.1.2 port 143
rdr on $dsl_if proto tcp from any to $dsl_if port 1677 -> 1.1.1.3 port 1677
pass in quick on $dsl_if reply-to ( $dsl_if $dsl_ip ) proto tcp \
    from any to any port smtp keep state
pass in quick on $dsl_if reply-to ( $dsl_if $dsl_ip ) proto tcp \
    from any to any port { 443, 110, 143, 1677 } keep state
However, neither the SMTP (localhost) nor the rdr ports work externally.
I can see the packets coming in on the $dsl_if from a tcpdump session, but
that's it, nothing in the state table.
Have I missed something obvious?
Thanks, Bob