Hi list,

I have 3 web servers running on port 8080 behind a PF firewall. I am trying to load balance these incoming connections to these web servers.

I wrote rules as below. Please pay attention to the *highlighted BOLD* rules. They are the ones I have written. But I can NOT log in to these web servers from the Internet.

# macros
ext_if="em0"
int_if="em1"
web_servers = "{ 192.168.x.64, 192.168.x.66, 192.168.x.67 }"
lan_net="192.168.x.0/24"

# options
set block-policy return
set loginterface $ext_if
set skip on lo
set state-policy if-bound

# Normalizing packets
# Filter traffic for unusual packets
match in on $ext_if scrub (random-id min-ttl 5 no-df)
match out on $ext_if scrub (random-id no-df)

*match in on $ext_if inet proto tcp to $ext_if port 8080 rdr-to $web_servers \
    round-robin sticky-address*

# filter rules
block in log
block out log

*pass out log on $int_if inet proto tcp from any to $web_servers port 8080 \
    flags S/SA modulate state*

I visited this URL as well.
http://www.openbsd.org/faq/pf/pools.html

Still no luck. Where have I gone wrong?

--
Thank you
Indunil Jayasooriya