From owner-freebsd-pf@FreeBSD.ORG Thu Nov 23 01:38:17 2006
(envelope-from fwun@bigpond.net.au)
Message-ID: <16201878.1164245885264.JavaMail.root@web03sl>
Date: Thu, 23 Nov 2006 12:38:05 +1100
To: freebsd-pf@freebsd.org
Subject: how to route to a local server thru PF router
List-Id: "Technical discussion and general questions about packet filter (pf)"

Hi,

The PF router I set up is an Internet router that allows people to access the Internet. But in the meantime, this PF router is also connected to a local FreeBSD server. As a user behind the PF router, I also want to ssh into the local FreeBSD server (10.1.10.2). But currently I'm not able to ssh into this local server through the PF router.

The current NAT rules in the PF router are set up as:

    # pfctl -a NATRULES -sn
    nat on sis0 inet from 192.168.1.0/24 to any -> (sis0) round-robin
    nat on sis0 inet from 172.17.3.0/24 to any -> (sis0) round-robin
    nat on sis0 inet from 10.1.10.0/24 to any -> (sis0) round-robin

I'm connected to the 172.17.3.0/24 network. The local FreeBSD server is connected to the 10.1.10.0/24 network. And the PF router is already set up as a default gateway.

How can I modify the PF rules so that I can log in from the 172.17.3.0/24 network to the 10.1.10.0/24 network?

Thanks
s