Date: Thu, 8 May 2008 10:43:08 +0200 From: CZUCZY Gergely <gergely.czuczy@harmless.hu> To: Oleksandr Samoylyk <oleksandr@samoylyk.sumy.ua> Cc: freebsd-pf@freebsd.org Subject: Re: iptables rule in pf Message-ID: <20080508104308.702e8911@twoflower.in.publishing.hu> In-Reply-To: <4822BB8A.8030507@samoylyk.sumy.ua> References: <48222786.3050400@samoylyk.sumy.ua> <20080508085234.2cac29ca@twoflower.in.publishing.hu> <4822B459.6090307@samoylyk.sumy.ua> <20080508101252.4d25b9eb@twoflower.in.publishing.hu> <4822BB8A.8030507@samoylyk.sumy.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/geKEQbz3FrEYRYCTsonydfv Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Thu, 08 May 2008 11:36:26 +0300 Oleksandr Samoylyk <oleksandr@samoylyk.sumy.ua> wrote: > >> That iptables rule worked for any destination. =20 > > You cannot rewrite a packet's destination address to _any_ destination. > >=20 > > It's like you cannot submit a package at the post office with the > > destination address "any". It's just meaningless. > > =20 >=20 > However it works with iptables. :) >=20 > What can I do in my situation in order to gain the same functionality by= =20 > means of pf or other additional daemons? No, it doesn't. That iptables rule only affects the port number, where it defaults to the original dst address. So it defaults to something, where as= pf doesn't. With pf you have to explicitly specify the rewritten dst IP. In my first reply I've told you to read the openbsd FAQ. You haven't done i= t. I _strongly_ suggest you, before doing your next reply to the list. go and re= ad that FAQ. Here's the URL once more, I bet you've lost it under your desk... http://www.openbsd.org/faq/pf/ --=20 Sincerely, CZUCZY Gergely Harmless Digital Bt mailto: gergely.czuczy@harmless.hu Tel: +36-30-9702963 --Sig_/geKEQbz3FrEYRYCTsonydfv Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.3 (FreeBSD) iD8DBQFIIr0ezrC0WyuMkpsRAvnJAKChDiocqfMRXO4jepbb85Z4e9mysACeJzuC xdSmoJPpL6YsW4AxtvztVZA= =5t+S -----END PGP SIGNATURE----- --Sig_/geKEQbz3FrEYRYCTsonydfv--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080508104308.702e8911>