Hello, I am trying to perform traffic redirection with PF on 7.2-RELEASE. The traffic is in the same subnet and I try doing that by using just one interface em0. Mu current setup of pf is as follows:
No ALTQ support in kernel ALTQ related functions disabled TRANSLATION RULES: rdr pass on em0 inet proto tcp from any os "NMAP" to any port 1:65535 -> 192.168.128.170 port 22 rdr pass on em0 inet proto tcp from 192.168.128.126 to any port = http -> 192.168.128.103 port 83 rdr pass on em0 inet proto tcp from 192.168.128.126 to any port = rdp -> 192.168.128.102 port 3389 rdr pass on em0 inet proto tcp from any to any port = ctf -> 192.168.128.102 port 83 FILTER RULES: scrub in all fragment reassemble block drop log all block drop in on ! em0 inet from 192.168.128.0/24 to any block drop in inet from 192.168.128.170 to any pass in on em0 inet proto tcp from any to 192.168.128.170 port = ssh flags S/SA keep state pass in on em0 inet proto tcp from any to 192.168.128.102 port = ctf flags S/SA synproxy state pass in on em0 inet proto tcp from any to 192.168.128.103 port = mit-ml-dev flags S/SA synproxy state pass out all flags S/SA keep state When I try to perform request they get the state of *SYN_SENT:CLOSED* : No ALTQ support in kernel ALTQ related functions disabled all tcp 192.168.128.170:22 <- 192.168.128.126:53162 ESTABLISHED:ESTABLISHED all tcp 192.168.128.102:83 <- 192.168.128.170:84 <- 192.168.128.104:8351 CLOSED:SYN_SENT all tcp 192.168.128.104:8351 -> 192.168.128.102:83 *SYN_SENT:CLOSED* Any advice is much appreciated. KR, Spas _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
