Pawel Jakub Dawidek wrote:
> ...or am I missing something?
> I've a box running:
> FreeBSD whiplash.wheel.pl 7.0-STABLE FreeBSD 7.0-STABLE #0: Wed Jul 23 11:41:31 CEST 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/WHIPLASH i386
> I'm also running PF in there with the following rule:
> rdr on fxp0 proto tcp from 10.0.1.9 to 10.0.0.2 port 88 -> 10.0.5.123 port 88
> When I connect from 10.0.1.9 to 10.0.0.2:88 I can see the redirected packet
> leaving the box:
> IP 10.0.1.9.43210 > 10.0.0.2.88: S [...]
> IP 10.0.1.9.43210 > 10.0.5.123.88: S [...]
> Ok. Now I've a box running:
> FreeBSD bridge.wheel.pl 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #1: Thu Sep 11 13:59:06 CEST 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/BRIDGE i386
> And the following PF rule:
> rdr on fxp0 proto tcp from 10.0.0.2 to 10.0.5.123 port 88 -> 10.0.1.9 port 88
> When I connect from 10.0.0.2 to 10.0.5.123:88 I no longer see the redirected
> packet leaving the box:
> IP 10.0.0.2.60806 > 10.0.5.123.88: S [...]
> I tried to redirect the packet on the second box with IPFW, but also failed
> (yes, IPFIREWALL_FORWARD was compiled in).
> Did something get broken or am I missing some configuration hint?
Could it be that the box you are trying to connect from is 10.0.0.2?
If this is the case, then the problem is that the rdr rule works only for
packets which hit the interface from outside, i.e. the interface on which the
rule is set should be the incoming one for the packets, not the outgoing one.
rik
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"