On Sat, 19 Mar 2011 21:28:09 +0100 Henning Brauer <lists-open...@bsws.de> wrote:
> > it was working for me - rdr-to outbound to a daemon on the firewall
> > itself, but I deleted that virtual machine...
> >
> > rdr-to is usually applied inbound. If applied
> > outbound, rdr-to to a local IP address is not supported.
> >
> > I would put my hand in fire -- it was working :) I read the manpage
> > but I don't get it, how could it work then?
>
> pretty certain it could not have worked. the rdr-to in this case is
> too late and the local/remote decision already taken.

Hi,

I understand I'm becoming annoying but it worked, but maybe I was on drugs... Unfortunately no evidence in hand now :)

I tested like this:

* ssh -D9999 remotehost
* redsocks listening on 127.0.0.1:12345 and redirecting to 127.0.0.1:9999
* pf redirecting www to 127.0.0.1:12345
* lynx ipid.shat.net

Finally I saw in lynx IP of remote ssh socks5 tunnel.

Any idea how to redirect outgoing traffic to local port? Would this be hard to add such functionality into PF? (I don't like such comparisons but it can be done on other OS.)

This feature would be handy to people doing system-wide socksifying (I already saw apps which spawned another apps and thus it was not socksified), or people who want to run almost everything via Tor or similar anonymizing networks (I think it's better to socksify Tor traffic on OS level because one can misconfigure his application).

Thank you for help!

jirib