Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 8 May 2008 10:43:08 +0200
From:      CZUCZY Gergely <gergely.czuczy@harmless.hu>
To:        Oleksandr Samoylyk <oleksandr@samoylyk.sumy.ua>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: iptables rule in pf
Message-ID:  <20080508104308.702e8911@twoflower.in.publishing.hu>
In-Reply-To: <4822BB8A.8030507@samoylyk.sumy.ua>
References:  <48222786.3050400@samoylyk.sumy.ua> <20080508085234.2cac29ca@twoflower.in.publishing.hu> <4822B459.6090307@samoylyk.sumy.ua> <20080508101252.4d25b9eb@twoflower.in.publishing.hu> <4822BB8A.8030507@samoylyk.sumy.ua>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
On Thu, 08 May 2008 11:36:26 +0300
Oleksandr Samoylyk <oleksandr@samoylyk.sumy.ua> wrote:

> >> That iptables rule worked for any destination.  
> > You cannot rewrite a packet's destination address to _any_ destination.
> > 
> > It's like you cannot submit a package at the post office with the
> > destination address "any". It's just meaningless.
> >   
> 
> However it works with iptables. :)
> 
> What can I do in my situation in order to gain the same functionality by 
> means of pf or other additional daemons?
No, it doesn't. That iptables rule only affects the port number, where it
defaults to the original dst address. So it defaults to something, where as pf
doesn't. With pf you have to explicitly specify the rewritten dst IP.

In my first reply I've told you to read the openbsd FAQ. You haven't done it. I
_strongly_ suggest you, before doing your next reply to the list. go and read
that FAQ. Here's the URL once more, I bet you've lost it under your desk...
http://www.openbsd.org/faq/pf/


-- 
Sincerely,

CZUCZY Gergely
Harmless Digital Bt
mailto: gergely.czuczy@harmless.hu
Tel: +36-30-9702963

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (FreeBSD)

iD8DBQFIIr0ezrC0WyuMkpsRAvnJAKChDiocqfMRXO4jepbb85Z4e9mysACeJzuC
xdSmoJPpL6YsW4AxtvztVZA=
=5t+S
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080508104308.702e8911>