
Re: rdr rule for proxy



On Sun, 2 Feb 2003, Chad Whitten wrote:

> running OpenBSD 3.2 - just upgraded this morning
> and I have one pf rule I can't get to work
>
> # Redirect HTTP requests to Proxy Server except DOMAIN Web Sites
> rdr on $Int inet proto tcp from $Lan to ! $DOMAIN port 80 ->
> xxx.xxx.xxx.8 port 80
>
> here is all I get when I try to load pf.conf with the rule applied
> firewall:~ # pfctl -f /etc/pf.conf
> /etc/pf.conf:62: syntax error
> pfctl: Syntax error in file: pf rules not loaded
>
> I'm assuming it has to do with the ! $DOMAIN
> if I take that part out and just go with
> rdr on $Int inet proto tcp from $Lan to any port 80 -> xxx.xxx.xxx.8
> port 80
> it will work but I don't want to proxy for my local webservers.

Negation of a host list is not possible, so it's a syntax error.

Perhaps you should use
no rdr on $Int inet proto tcp from $Lan to $DOMAIN port 80
rdr on $Int inet proto tcp from $Lan to any port 80 -> xxx.xxx.xxx.8 port 80


Greetings,

Dries
--
Dries Schellekens
email: gwyllion@ulyssis.org
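
The following is an added example, not part of the original message or of pf itself: a small Python model of first-match translation-rule evaluation, showing why the `no rdr` / `rdr` pair exempts the local web servers, while a per-host expansion of `! $DOMAIN` or the reversed rule order would not. The addresses, the `rule`/`translate` helpers and the "naive expansion" are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values (not from the original post).
DOMAIN = ["192.0.2.10", "192.0.2.11"]   # local web servers ($DOMAIN)
PROXY = "192.0.2.8"                     # stands in for xxx.xxx.xxx.8

def rule(action, dst, negate=False):
    """One translation rule for TCP port 80; dst is a host, a network or 'any'."""
    net = None if dst == "any" else ipaddress.ip_network(dst)
    return {"action": action, "net": net, "negate": negate}

def matches(r, dst_ip):
    """True if the destination address satisfies the rule's 'to' clause."""
    if r["net"] is None:
        return True
    inside = ipaddress.ip_address(dst_ip) in r["net"]
    return inside != r["negate"]

def translate(rules, dst_ip):
    """Return the redirect target, or None if the packet is left untranslated.
    Translation rules are first-match: the first matching rule decides."""
    for r in rules:
        if matches(r, dst_ip):
            return PROXY if r["action"] == "rdr" else None
    return None

# Suggested ruleset: exempt each $DOMAIN host, then redirect everything else.
suggested = [rule("no rdr", h) for h in DOMAIN] + [rule("rdr", "any")]

# Hypothetical expansion of "! $DOMAIN" into one negated rule per host:
# every address differs from at least one list member, so everything matches.
naive = [rule("rdr", h, negate=True) for h in DOMAIN]

# The suggested rules in the wrong order: the catch-all rdr wins first.
reversed_order = list(reversed(suggested))

if __name__ == "__main__":
    for name, rs in [("suggested", suggested), ("naive", naive),
                     ("reversed", reversed_order)]:
        for dst in DOMAIN + ["198.51.100.7"]:
            print(f"{name:10} {dst:14} -> {translate(rs, dst)}")
```
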