On 2022-09-24, Pierre Dupond <76nem...@gmx.ch> wrote: >> You could possibly do it on per-server basis, eg connections to >> 192.0.2.3 are redirected to 2001:db8::dead:beef and connections to >> 192.0.2.4 are redirected to 2001:db8::c0:ffee. >> I don't know if pf itself can do it, but you could probably use socat or >> even relayd to work as a proxy in userspace to achieve that. > This is exactly that I want to do. For few specific IPv4 address (non > routable) > I want to redirect the IPv4 address to an IPv6 address. 'relayd' seems to be > usable > for that case. I will try this solution since, after a short look in the man > page, it seems possible to relay from an IPv4 address to an IPv6 address.
There should be no need for relayd for this, try something like pass in to 192.0.2.3 af-to inet6 from (egress) to 2001:db8::dead:beef > Unfortunately, some IP providers (generally the access provided is free like > with the WIFI in the airports) filter > even the port 443 if it is not strictly used with the https protocol. > Probably using deep packet inspection > method. They usually just check for TLS not specifically HTTPS (which would require active mitm rather than passive inspection of the connection/SNI). So you can often get around this by wrapping the connection in TLS, which you can do with relayd (or stunnel or socat). -- Please keep replies on the mailing list.
