Iptables allows me to rewrite the address of outgoing traffic. PF does not allow this functionality. Is this a missing/broken feature, or is there a reason why this is not allowed?
Example: I absolutely need traffic sent to 10.10.10.10 to be rewritten to 192.168.1.1. There is no way around it; it just needs to be done to solve my problem. I had a long discussion with some people in #pf, and after they got the whole story, it made sense to them, but they agreed it was a pretty dirty solution... but it works with iptables.

    iptables -A OUTPUT -t nat -d 10.10.10.10 -j DNAT --to 192.168.1.1

I can now ping 10.10.10.10 and like magic it sends the traffic to 192.168.1.1 without my machine knowing.

    rdr inet proto tcp from self to 10.10.10.10 -> 192.168.1.1

Doesn't work. Tried binat too. Tried many variations. PF just doesn't allow this. Could someone elaborate on why this is not implemented or why PF doesn't allow this behavior?

Thanks,
Mark