Yes, the PF setup appears to be very easy to set up, and I've tried doing it, but I can't get it working like the OpenBSD website describes, which is why I'm looking for another solution...

I added this rdr rule to my pf.conf:

    rdr on $ext_if proto tcp from any to any port ftp -> 192.168.10.9 port ftp

Then I added this to my filters:

    pass in on $ext_if proto tcp from any to any port ftp flags S/SA

I restarted with pfctl and it didn't work. I also fiddled with it a few other ways and just can't seem to get it working. If you have any suggestions, I'm all ears.

The way I had it working with FreeBSD is I just opened the port with the above pass rule, then I had ipnat forward the traffic to my FTP server (192.168.10.9). So now that I'm on OpenBSD, I'm looking to have a similar solution, since ipnat isn't on OpenBSD and I can't get pf to forward the traffic for me.

Thanks,
- Jake

On 9/20/07, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote:
> "Jake Conk" <[EMAIL PROTECTED]> writes:
>
> > I am wondering what software could I use besides pf to forward
> > traffic coming in on my server on a specific port to another ip on my
> > lan?
>
> PF is in the base system and pretty easy to configure for setups like
> the one you describe -
>
> > Basically I'm using an openbsd as my router and I want to forward
> > public traffic coming in on a certain port to a computer behind it in
> > my lan. What are my options?
>
> Assuming your local net is NATed with unroutable addresses on the LAN,
> the traffic is directed to a routable address but the computer you
> want to receive the traffic is on a nonroutable address inside, some
> basic redirection (rdr) should do the trick.
>
> I'm a bit interested in why you should be looking for a different and
> probably more difficult way to do it. Are there any specific things
> in your setup which would break with PF?
>
> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.