Re: have to add pass in rdr statement

Your "pass" rules need to reference the IP address after processing by the "rdr" rule. So it should be passing traffic destined to '10.0.0.17' See http://openbsd.org/faq/pf/rdr.html#filter for more info. John On Thu, Jun 05, 2008 at 03:46:57PM -0700, Lord Sporkton wrote: > on OpenBSD fire.spork

have to add pass in rdr statement

on OpenBSD fire.sporkton.com 4.3 GENERIC#698 i386 I have this pf.conf config, it does not work for vnc ext_if="xl0" lawrence="10.0.0.17" rdr on $ext_if proto tcp from any to $ext_if port vncweb -> $lawrence port vncweb rdr on $ext_if proto tcp from any to $ext_if port vnc -> $lawrence port vnc