From: Stephen Hocking
To: krad
Cc: hackers@freebsd.org
Date: Tue, 23 Dec 2014 07:18:07 +1100
Subject: Re: Fun with PF & redirection
List-Id: Technical Discussions relating to FreeBSD

Spot on! It turns out the issue was that the port ranges need to be in
ascending order, as you suggested. I now have a small box which is capable
of driving Nessus to tears.

On Mon, Dec 22, 2014 at 11:48 PM, krad wrote:

> should that be 5044:65334 rather than 65334:5044?
> also make sure you are not filtering ports 5044-65334 and that the
> $spoof_port isn't filtered
>
> On 21 December 2014 at 20:40, Stephen Hocking wrote:
>
>> Hi all,
>>
>> I'm using PF on a 10.1 box, and am trying to redirect a range of ports
>> to a single port, with a rule like this:
>>
>> rdr on $ext_if proto tcp from any to any port 65334:5044 -> $spoof_host port $spoof_port
>>
>> spoof_host has been set to 127.0.0.1.
>>
>> This does not seem to work. Any ideas?
>>
>> Stephen
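
A pre-load check for the mistake resolved in this thread, as an added example that is not part of the original messages: it scans pf.conf-style rules and reports any literal `port N:M` range written high-to-low. The function names, the interface name and the `spoof_port` value in the sample are constructed; macros such as `$spoof_port` are not expanded and are skipped.

```shell
#!/bin/sh
# Added example: flag "port HIGH:LOW" ranges in pf.conf-style rules.
# Only literal numeric N:M ranges are checked; macros are skipped.

check_pf_port_ranges() {
    # $1 = rules file (default: stdin). Prints "<line>: <range>" for each
    # reversed range and returns 1 if any were found, 0 otherwise.
    awk '
    {
        sub(/#.*/, "")          # drop trailing comments
        gsub(/[{},]/, " ")      # flatten port lists: { 22, 80:90 } -> 22 80:90
        inport = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "port") { inport = 1; continue }
            if (!inport) continue
            if ($i ~ /^[0-9]+:[0-9]+$/) {
                split($i, p, ":")
                if (p[1] + 0 > p[2] + 0) { printf "%d: %s\n", NR, $i; bad++ }
            } else if ($i !~ /^[0-9]+$/ && $i !~ /^\$/) {
                inport = 0      # left the port specification
            }
        }
    }
    END { exit (bad > 0) }
    ' "${1:--}"
}

# Constructed sample: line 4 is the rule from the thread, line 5 the corrected form.
sample_rules() {
    cat <<'EOF'
ext_if = "em0"              # constructed interface name
spoof_host = "127.0.0.1"
spoof_port = "8080"         # constructed value
rdr on $ext_if proto tcp from any to any port 65334:5044 -> $spoof_host port $spoof_port
rdr on $ext_if proto tcp from any to any port 5044:65334 -> $spoof_host port $spoof_port
EOF
}

sample_rules | check_pf_port_ranges || echo "reversed port range(s) found"
```
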