Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 31 Aug 2012 14:49:35 +0700
From:      budsz <budiyt@gmail.com>
To:        freebsd-pf@freebsd.org
Cc:        freebsd-questions@freebsd.org
Subject:   PF RDR from LAN to LAN
Message-ID:  <CADM2n7hMHqA-prFGx4DF0KP4m5H_U=x-_o1ZLqJMSvi0=koR0A@mail.gmail.com>

next in thread | raw e-mail | index | archive | help
Hi folks,

I've little questions about RDR using Packet Filter (PF), I used IPF
(IPFILTER) before and success with this scenario.

extif = outside interface
intif = internal interface
public_ip = 202.xxx.xxx.xxx
client_create = 192.168.1.1, port = 6112
client_join = 192.168.1.2

for outside/internet
rdr pass on $extif proto tcp from any to $public_ip port 6112  ->
$client_create port 6112

That's rule success can forward from from internet to $client_create,
now other plan how to forward
$client_join to $client_create. I use this rule:

rdr pass on $intif proto tcp from $client_join to $public_ip port 6112
 -> $client_create port 6112

As far i know if $client_create created game host with port 6112 will
be translate to $public_ip with port 6112 too.
so I need to forward from LAN to $public_ip/6112 to actually who
create game ($client_create/6112)

pfctl -s state resulting:

client_create 6112 <- public_ip 6112 <- client_join SYS-CLOSED

Anyone help for this issue - Thank you

-- 
budsz



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADM2n7hMHqA-prFGx4DF0KP4m5H_U=x-_o1ZLqJMSvi0=koR0A>