Hi,
I am trying to forward port using relayd which works but what I really need
is transparent relaying and I cannot make that one works :/
I have one OpenBSD 5.0 server with two network card (em0 can be ignored):
- em1: 192.168.33.10/24
- em2: 192.168.20.1/24
And another machine acting as server:
- em1: 192.168.33.11/24
My computer (client) is connected to the server on em2 and the server and
router are connected with their em1 interfaces, the server use the router
as its default route.
Here is my working configuration in non transparent mode:
pf.conf:
set skip on lo
anchor "relayd/*"
pass # to establish keep-state
relayd.conf:
relay banana {
listen on "192.168.20.1" port 8000
forward to "192.168.33.11" port 80
}
After restarting relayd I connect with "curl http://192.168.20.1:8000"; and
I get the page served by the server machine, eveything is fine.
Now I tried switching to a transparent relay, I added this in pf.conf:
pass out log(all) on em1 divert-reply
and my relayd.conf now looks like this:
relay banana {
listen on "192.168.20.1" port 8000
transparent forward to "192.168.33.11" port 80 interface em1
}
After restarting relayd and reloading pf.conf if I start curl again I
successfully connects to the relayd process but it never even tries to
connect to the http server on the server machine :/
I did some tests to ensure the routing was correct and the SO_BINDANY
option was working by running this command on the router:
nc -s 192.168.20.254 192.168.33.11 80
When I do this it connects and if I type "GET /" it returns the web page
and the server sees a connection from 192.168.20.254 so it seems to work.
For some reason relayd cannot open the socket but I have no idea why...
relayd logging is not very helpful, I managed to force it in debug mode and
I got this:
proc_dispatch: parent 1 got imsg 42 from relay 4
proc_dispatch: relay 1 got imsg 42 from parent 0
relay_dispatch_parent: session 1: expired
proc_dispatch: pfe 1 got imsg 39 from relay 4
# (previous line repeated a lot of time)
relay banana, session 1 (1 active), 0, 192.168.20.254 -> :80, bindany
failed, invalid socket
# (after the previous line the connection with curl is closed)
proc_dispatch: pfe 1 got imsg 39 from relay 4
# (previous line repeated until I hit Ctrl+C)
Any idea why relayd would fails to establish the connection ? I am now
digging into the relayd sources trying to find something helpful but not
much luck for now.
Thanks for any help, it's really driving me crazy...
