[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PF Problem, can't route to my internal webserver
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: PF Problem, can't route to my internal webserver
- From: Jesse Lucas <jlucas_(_at_)_neoprimitive_(_dot_)_net>
- Date: Thu, 24 Feb 2005 17:42:01 -0500
You missed this part in the User's Guide...
NOTE: Translated packets must still pass through the filter engine
and will be blocked or passed based on the filter rules that have
I read it, but I didn't grok it.
The rdr rule didn't work because you didn't add a rule to allow the traffic
through. Adding the ``pass'' keyword is a shortcut for adding such a rule
but depending on what you're doing you might want to write a proper pass
rule instead of using the shortcut.
Thanks for the enlightenment. Is there anything inherently less secure
about doing it this way, without a rule farther down?
rdr pass on $ext_if proto tcp from any to any port 80 -> 192.168.1.127 \
Visit your host, monkey.org