To add to my last email, you can do it in iptables but doesn't seem to be a way to go it in pf. For whatever reason I feel invested in this thread and might boot up an openbsd VM to try myself
On Fri, Apr 18, 2025, 3:17 PM Mike <rizzz2...@gmail.com> wrote: > I don't think you can do that. > > Is your ISP blocking traffic or are you just doing this to see if you can? > I just can't think of a use case for what you're trying to do and wondering > if there could be a different way to achieve what you're trying to do. > > On Fri, Apr 18, 2025, 12:16 PM TSS <t...@mg-1.uk> wrote: > >> Hi again. I hope it's not unwelcome to ask a pf question here; I hope >> this one isn't too elementary. >> >> I have a daemon that sends and receives UDP packets on port 1337. For >> reasons, I would like to use pf on my computer (i.e. the one that's >> running the daemon) to take the daemon's outbound UDP packets, which it's >> emitting from port 1337, and actually send them out to the internet as >> if they're coming from port 31337. Also, I'd like UDP packets coming in >> to port 31337 to be received by the daemon, which is listening for them >> on port 1337. In ASCII art, that's: >> >> . . | >> +-------+ o * . ~ * | >> | my |--> UDP 1337 --> % . pf : . --|--> UDP 31337 --> clouds >> |special| + . magic + | and >> |daemon |<-- UDP 1337 <-- * _ , + <--|--- UDP 31337 <-- stuff >> +-------+ + * o . ~ | >> | >> INSIDE MY OPENBSD MACHINE | OUT ON THE INTERNET >> | >> >> All IP addresses involved should remain the same throughout, and in that >> way this feels a little bit different to NAT: there's no address >> translation since the addresses do not change. Does anyone know if it's >> possible to get pf to do this? >> >> Search engines have not helped me out with this one, but my search skills >> were dubious even before the AI era. >> >> If not pf, maybe relayd would work? I worry that its extra layer of >> indirection might be slow, and I'd like this process to be as fast as it >> can be. >> >> Thanks for any tips! >> --T >> >>
