On 01/18/11 19:06, Henning Brauer wrote:
>> Harald Dunkel wrote on Tue, Jan 18, 2011 at 04:41:39PM +0100:
>>
>>> pf.conf(5) says
>>>
>>> In the example below, packets bound for one specific server, as well as
>>> those generated by the sysadmins are not proxied; all other connections
>>> are.
>>>
>>> match in on $int_if proto { tcp, udp } from any to any port 80 \
>>> rdr-to 127.0.0.1 port 80
>>> pass in on $int_if proto { tcp, udp } from any to $server port 80
>>> pass in on $int_if proto { tcp, udp } from $sysadmins to any port
>>> 80
>>>
[snip]
>
> that doesn't contradict the OP at all. match rdr-to is indeed sticky
> and the example flawed. replacing the match with pass would make it
> work.
>
Assuming I would keep the match statement:
Is there some "no-rdr" option for the pass rules to override
the redirection defined in the match?
Regards
Harri
