Re: pf rdr + netsed : reinject loop...

On Fri, 31 Aug 2007 22:09:42 +0200 Mel <[EMAIL PROTECTED]> wrote: > On Friday 31 August 2007 18:27:26 Norberto Meijome wrote: > > On Fri, 31 Aug 2007 17:40:06 +0200 > > > > Mel <[EMAIL PROTECTED]> wrote: > > > > netsed's output is (part ) : > > > > --- > > > > Script started on Fri Aug 31 07:52:12

Re: pf rdr + netsed : reinject loop...

On Friday 31 August 2007 18:27:26 Norberto Meijome wrote: > On Fri, 31 Aug 2007 17:40:06 +0200 > > Mel <[EMAIL PROTECTED]> wrote: > > > netsed's output is (part ) : > > > --- > > > Script started on Fri Aug 31 07:52:12 2007 > > > [EMAIL PROTECTED] /usr/home/luser]# netsed tcp 10101 0 0 s/FOO/BAR >

Re: pf rdr + netsed : reinject loop...

On Friday 31 August 2007 18:27:26 Norberto Meijome wrote: > On Fri, 31 Aug 2007 17:40:06 +0200 > > Mel <[EMAIL PROTECTED]> wrote: > > > netsed's output is (part ) : > > > --- > > > Script started on Fri Aug 31 07:52:12 2007 > > > [EMAIL PROTECTED] /usr/home/luser]# netsed tcp 10101 0 0 s/FOO/BAR >

Re: pf rdr + netsed : reinject loop...

On Friday 31 August 2007 19:12:42 Mel wrote: > On Friday 31 August 2007 18:27:26 Norberto Meijome wrote: > > On Fri, 31 Aug 2007 17:40:06 +0200 > > > > Mel <[EMAIL PROTECTED]> wrote: > > > > netsed's output is (part ) : > > > > --- > > > > Script started on Fri Aug 31 07:52:12 2007 > > > > [EMAIL P

Re: pf rdr + netsed : reinject loop...

On Fri, 31 Aug 2007 17:40:06 +0200 Mel <[EMAIL PROTECTED]> wrote: > > netsed's output is (part ) : > > --- > > Script started on Fri Aug 31 07:52:12 2007 > > [EMAIL PROTECTED] /usr/home/luser]# netsed tcp 10101 0 0 s/FOO/BAR > > netsed 0.01b by Michal Zalewski <[EMAIL PROTECTED]> > > [*] Parsing

Re: pf rdr + netsed : reinject loop...

On Friday 31 August 2007 15:10:15 Norberto Meijome wrote: > On Fri, 31 Aug 2007 13:33:53 +0200 > > Daniel Hartmeier <[EMAIL PROTECTED]> wrote: > > On Fri, Aug 31, 2007 at 08:27:29PM +1000, Norberto Meijome wrote: > > > rdr on $int_if proto tcp from 172.16.82.81 to any -> 127.0.0.1 port > > > 10101

Re: pf rdr + netsed : reinject loop...

On Fri, 31 Aug 2007 13:33:53 +0200 Daniel Hartmeier <[EMAIL PROTECTED]> wrote: > b) Instead of replacing the destination address in pf with rdr, try > leaving it as it is, but use route-to (lo0) to get the packet routed to > the loopback interface. This would require netsed to listen on > INADDR_A

Re: pf rdr + netsed : reinject loop...

On Fri, 31 Aug 2007 13:33:53 +0200 Daniel Hartmeier <[EMAIL PROTECTED]> wrote: > On Fri, Aug 31, 2007 at 08:27:29PM +1000, Norberto Meijome wrote: > > > rdr on $int_if proto tcp from 172.16.82.81 to any -> 127.0.0.1 port 10101 > > netsed tcp 10101 0 0 s/FOO/BAR > > > The traffic from XP gets red

Re: pf rdr + netsed : reinject loop...

On Fri, 31 Aug 2007 13:13:12 +0200 Mel <[EMAIL PROTECTED]> wrote: > I think you're looking for tagging, for example: > rdr on $int_if proto tcp from 172.16.82.81 to any tag NETSED -> 127.0.0.1 > port > 10101 > > Then you need to figure out how they come back and pass them through, for > exampl

Re: pf rdr + netsed : reinject loop...

On Fri, Aug 31, 2007 at 08:27:29PM +1000, Norberto Meijome wrote: > rdr on $int_if proto tcp from 172.16.82.81 to any -> 127.0.0.1 port 10101 > netsed tcp 10101 0 0 s/FOO/BAR > The traffic from XP gets redirected just fine to netsed, which replaces the > bytes just fine. BUT the changed packets

Re: pf rdr + netsed : reinject loop...

On Friday 31 August 2007 12:27:29 Norberto Meijome wrote: > 1) pf.conf has : > > ext_if="em0" > int_if="em1" > nat on $ext_if from $internal_net to any -> ($ext_if) > rdr on $int_if proto tcp from 172.16.82.81 to any -> 127.0.0.1 port 10101 > - > 2) I run netsed in transparent proxy mode

pf rdr + netsed : reinject loop...

Hello everyone, I need your help / insight here :) My setup, 2 VMs, XP (WinXP) and BSD (FreeBSD 6.2) [XP ,172.16.82.81 ] --- [172.16.82.81,em1 BSD A.B.C.D,em0] --- The Interweb [Other_servers_galore] A.B.C.D is a public IP. [Other_servers_galore] represents all and any servers XP wants