Date: Sat, 15 Jul 2006 20:53:00 +0200 From: Christian Meutes <christian@de.clara.net> To: "Travis H." <solinym@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: RDR for locally generated traffic Message-ID: <44B9398C.2080307@de.clara.net> In-Reply-To: <d4f1333a0607150742pe1733f7tb7aaef3efc33fef0@mail.gmail.com> References: <44B8F827.5000602@de.clara.net> <d4f1333a0607150742pe1733f7tb7aaef3efc33fef0@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > You cannot DNAT in outbound, nor can you SNAT on inbound. I have been > asking for the symmetric cases on the OpenBSD pf list, and it's on my > "to do one day" list, but I have no idea when that will become the top > priority (maybe never). > > As I understand it, this limitation has to do with the way the TCP/IP > stack works in BSD, particularly vis-a-vis routing. You will note we > don't have an equivalent to the PREROUTING chain, either. > Thanks for the answer! Then would it be possible to bind the IP to lo0 as an alias, connect to this IP and then let the rule rewrite the destination to a other one which lies on fxp0 directly?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44B9398C.2080307>