On 2011-04-07, rancor <theran...@gmail.com> wrote:
> I want to reflect all IP from a client to a server via another machine
> called mirror. client and server can't access each other and there is
> nothing I can do about that. However the mirror can access both
> client and server so I want all traffic from client to mirror be
> reflected to server and all responses from the server should be
> reflected back to the client via the mirror.

this is probably the simplest way:

  pass in from $client to $mirror rdr-to $server tag mirrored
  pass out tagged mirrored nat-to $mirror

if someone has time to write this up for www/faq/pf/rdr.html, please
send me a diff.

also related: binat-to (*without* setting the interface) also happens
to put rules in place which allow you to connect from a client in the
same subnet as the server. (credit to phessler for this tip).
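
The address rewriting done by the two rules above, modelled as an added example that is not part of the original post: it traces one connection through the mirror with and without the nat-to rule. The addresses, ports and all class and function names are constructed for illustration, and the model is a simplification (real pf may also rewrite the source port).

```python
from typing import NamedTuple, Optional

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

# Constructed addresses (documentation ranges), not taken from the post.
CLIENT, MIRROR, SERVER = "192.0.2.10", "198.51.100.1", "203.0.113.20"

class Mirror:
    """Toy model of the two pf rules and the state they create."""
    def __init__(self, use_nat_to: bool = True):
        self.use_nat_to = use_nat_to
        self.states = {}  # key of the expected reply -> original packet

    def forward(self, p: Pkt) -> Optional[Pkt]:
        # pass in from $client to $mirror rdr-to $server tag mirrored
        if (p.src, p.dst) != (CLIENT, MIRROR):
            return None  # no rule in this model matches
        out = p._replace(dst=SERVER)
        # pass out tagged mirrored nat-to $mirror
        if self.use_nat_to:
            out = out._replace(src=MIRROR)
        self.states[(out.dst, out.dport, out.src, out.sport)] = p
        return out

    def reverse(self, r: Pkt) -> Optional[Pkt]:
        # A reply matching a state has both translations undone.
        orig = self.states.get((r.src, r.sport, r.dst, r.dport))
        if orig is None:
            return None
        return Pkt(orig.dst, orig.dport, orig.src, orig.sport)

def server_reply(p: Pkt) -> Pkt:
    # The server answers whatever source address it saw.
    return Pkt(p.dst, p.dport, p.src, p.sport)

def round_trip(use_nat_to: bool):
    m = Mirror(use_nat_to)
    seen = m.forward(Pkt(CLIENT, 40000, MIRROR, 443))
    reply = server_reply(seen)
    # Only a reply addressed to the mirror comes back through it.
    back = m.reverse(reply) if reply.dst == MIRROR else None
    return seen, reply, back
```

With nat-to the server sees, and logs, the mirror's address as the source, so the mirror's own pf logs are the only place the real client address appears. Without nat-to the reply is addressed to the client, which the server cannot reach in the scenario described.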