Hello,

I'm using pf's rdr-to to forward external connections on port 5281 to a machine (called pc5) on my internal network, using this line in pf.conf:

    pass in on egress proto tcp from any to any port 5281 rdr-to pc5 port 5281

This works fine, but I can't get the forwarding to also work from my internal network.

The FAQ http://www.openbsd.org/faq/pf/rdr.html talks about solutions to this exact problem; the solution that is entirely in pf.conf is two extra lines like:

    pass in on $int_if proto tcp from $int_net to $ext_if port 80 rdr-to $server
    pass out on $int_if proto tcp to $server port 80 received-on $int_if nat-to $int_if

First question - what is '$int_net'? I can't find it defined in the pf.conf man page or FAQ. I've assumed that it's a typo for $int_if, but please let me know if that's wrong.

So my version of these two lines is:

    pass in on $int_if proto tcp from $int_if to $ext_if port 5281 rdr-to pc5
    pass out on $int_if proto tcp to pc5 port 5281 received-on $int_if nat-to $int_if

But this doesn't work - e.g. trying to telnet to my OpenBSD machine from a local machine on port 5281 ends up with 'connection refused'.

Apologies if I've missed something obvious. I've read the pf.conf man page and didn't find any alternative info there.

This is on OpenBSD 5.5.

Thanks for any help,

- Julian

-- 
http://op59.net
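
Added example, not part of the original post or the FAQ: the three rules above with the macros they reference written out. Macros such as $int_net are defined by the administrator at the top of pf.conf; the interface names and addresses below are assumed values. In pf an interface name used as an address stands for the addresses assigned to that interface, and the :network modifier stands for the network attached to it.

```pf
# Macro definitions (assumed values; adjust to the actual hardware and LAN).
ext_if  = "em0"                 # external interface (assumption)
int_if  = "em1"                 # internal interface (assumption)
int_net = "192.168.1.0/24"      # internal LAN; "$int_if:network" is equivalent
pc5     = "192.168.1.5"         # internal server address (assumption)

# Connections arriving from outside: redirect port 5281 to pc5.
pass in on egress proto tcp from any to any port 5281 rdr-to $pc5 port 5281

# Connections from LAN clients to the firewall's external address.
# "from $int_net" matches any host on the LAN. Writing "from $int_if" here
# would match only packets whose source is the firewall's own internal
# address, so packets from other LAN hosts would not be redirected.
pass in on $int_if proto tcp from $int_net to $ext_if port 5281 rdr-to $pc5

# Rewrite the source to the firewall's internal address on the way back out,
# so that pc5 replies through the firewall rather than directly to the client.
pass out on $int_if proto tcp to $pc5 port 5281 received-on $int_if nat-to $int_if
```

The ruleset can be syntax-checked without loading it using pfctl -nf /etc/pf.conf, and the state table (pfctl -ss) shows whether a LAN connection to port 5281 was actually translated.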