It's very simple, try reading the ftp-proxy man page, as it has an example for exactly what you're doing, something like: rdr on $int_if inet proto tcp from $int_net to any port ftp -> 127.0.0.1 port 8021
I believe pf.conf man page also has examples for this too. Really, read the docs, because you might even learn something you weren't intending to. Jason On 6/10/05, Denis Doroshenko <[EMAIL PROTECTED]> wrote: > hello, > > is there possibility to catch outgoing packets on an interface? > while the question seems dumb, i seem to be stuck and > no man page/PF faq/web searches help me. it seems > that PF rdr-s only incoming packets. is this a correct > statement? is there any thoughts of extending PF > functionality to cover outgoing packet case (like > "rdr [in|out] on..." with "in" as default) or this sounds > unacceptable? > > thanks in advance. > > p.s. > what i am trying to do. i have a proggie on 127.0.0.1:port > (via inetd) which wants to receive a connection via PF's rdr, > lookup state table and then act as transparent proxy. > while this will work for routed connections (i.e. OpenBSD > box routes/NATs packets from others), but not for > connections originated from the OpenBSD box itself.
