Hello list,
I am trying to redirect traffic which is locally generated on a server to a different IP address.
PF is running on the server and there is no way to change this.
So for example, if the server wants to deliver a mail via SMTP to 1.1.1.1, then PF should rewrite 1.1.1.1 to 2.2.2.2, keep-state for this, and when the traffic arrives back from 2.2.2.2, PF should memorize this for changing the Source-IP back to 1.1.1.1.
This sounds like a default port-forwarding setup which is done everywhere, even on the smallest SOHO solutions out in the customer world.
But the difference is that the traffic is a) locally generated and b) that in conventional setups the traffic is always arriving on an "outside" interface where the IP address is directly assigned, which isn't the case in this setup.
I have used a simple RDR rule for accomplishing this:
"rdr pass on fxp0 proto tcp from $server_ip to 1.1.1.1 port 25 -> 2.2.2.2"
... but without any success.
When tcpdumping on fxp0 to check what is happening, I noticed that the packets are pushed untouched out of fxp0 with the original IP address (1.1.1.1), so no rewriting was happening.
I thought that this would be a simple DNAT scenario, but the more I try to get this working, the more I believe that it isn't even possible.
Does anyone have an idea what I am doing wrong, or can just confirm that it's not possible to rewrite such packets and maybe point me to another software solution (server-based)?
Thanks for your ear!
cheers,
Christian