On 19/05/2019 14:16, Ville Valkonen wrote:
> On Sun, 19 May 2019 at 12.14, Carlos Lopez <clo...@outlook.com
> <mailto:clo...@outlook.com>> wrote:
>
> Hi all,
>
> Yesterday, I have upgraded my home OpenBSD's fws from 6.4 to 6.5.
> All
> seems to work ok execpt with route-to rules. The following rules have
> been working smoothly in previous versions:
>
> pass in quick inet proto tcp from <allow_tor_desktops> to
> <google_networks> port = 80 flags S/SA keep state (if-bound) label
> "Force access to Google sites via TOR" tag intlans-to-intlans route-to
> 172.22.56.5@vio4
> pass in quick inet proto tcp from <allow_tor_desktops> to
> <google_networks> port = 443 flags S/SA keep state (if-bound) label
> "Force access to Google sites via TOR" tag intlans-to-intlans route-to
> 172.22.56.5@vio4
>
> .. but with 6.5 fails ... Any idea?
> --
> Regards,
> C. L. Martinez
>
>
> Hello Carlos,
>
> you have "port = 443", shouldn't that be in "port 443" form? Didn't
> check the pf.conf man page for the correct grammar while on mobile.
>
> Regards,
> Ville
Thanks Ville, but not. This is not the problem. I have attached pfctl's
output. Original rules is:
pass in quick inet proto tcp from <allow_tor_desktops> to
<google_networks> port { http https } route-to ($vpnif $inthost) tag
intlans-to-intlans label "Force access to Google sites via TOR"
