[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: can pf be used as a generic tcp proxy?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: can pf be used as a generic tcp proxy?
- From: Marcus Popp <marcus_(_dot_)_popp_(_at_)_247net_(_dot_)_de>
- Date: Thu, 24 Feb 2005 09:34:27 +0000
On 2005-02-24T02:44, Kevin wrote:
> On Wed, 23 Feb 2005 22:38:28 +0100, -f <f_(_at_)_obiit_(_dot_)_org> wrote:
> > i am trying to accomplish the following:
> > a frined of mine has a ban for a certain site (w.x.y.z)
> > but can access any other site w/o problems. what i would
> > like to do is set up a generic proxy on my firewall to let
> > him go to w.x.y.z thru my firewall (he is not on my lan):
> > my friend's browser -> openbsd-firewall:some port -> w.x.y.z:80
> > and back.
> > is this possible using only pf?
> While it might be possible using only PF, and doing so would be
> an interesting exercise, you'd almost certainly find it easier to
> add something like 'netcat' to the mix. See "man -s 1 nc",
> Also, Hobbit's original netcat documentation includes an
> example of exactly what you propose.
you could just use rdr in your pf.conf.
Visit your host, monkey.org